Adobe recently announced security patches for their different products including their Photoshop, Acrobat, Magento, and Reader. Their standard patch round has addressed complex yet essential issues in their different software solutions.
Accoridng to ZdNet, the first of these releases addressed concerns on the Adobe Reader and Adobe Acrobat 2017 and 2020 versions, the Acrobat and the Reader DC compatible on both Windows and macOs. In total, there are about 23 vulnerabilities that these software products have. There are 17 critical issues that have been dealt with, while the rest are dubbed as important vulnerabilities. Read the summary of Adobe's Security Report here.
Included in the issues are problematic access controls, information leaks, escalation of privilege, denial of service crash, buffer and integer issues, and use-after-free concerns that can be prone to exploitation. Many of these are critical security concerns, which when left unaddressed can be an avenue of possible attacks.
Adobe Security Issues Hit Multiple Frequently-Used Software Products
Adobe's frequently used products have been the target of numerous security attacks. Adobe's ecommerce platform, Magento has also been a target of multiple vulnerabilities. In total, the Magento Commerce platform as well as the Magento Open Source had 18 bugs that ranges from moderate to critical issues.
As reported by Nintendo Power, some of these vulnerabilities can be exploited by hackers by performing a bit of code execution in order to install a JavaScript in the user's browser, gaining access to their restricted sources.
On the other hand, Adobe Photoshop, a popular tool for photo editing has been founded with five critical vulnerabilities both on the macOs and Windows machine. Again, these security issues can be exploited by code execution and are described as buffer overflow as well as out-of-bounds overflow issues on read or write. The same similar issues are found on the Adobe Illustrator which are out-of-bounds vulnerabilities labeled as CVE-2021-21053 and CVE-2021-21054. For the Adobe Animate, the out-bounds-write flaws re labeled as CVE-2021-21052.
For their website design software, the Adobe Dreamweaver has also been a subject of information leaks. The CCVE-2021-21055 privacy issue of the software has been offered with a single fix.
Adobe Heightens Security Measures in 2021
Prompt patches were given in response to these problems thanks to reports by a number of independent researchers who have first updated about the issue. Decathlon, the Trend Micro Zero Day Initiative and FortiGuard Labs have all taken the lead in reporting the problems. Moreover, a competition has helped address these issues through the initiatives of the Tianfu Cup 2020 International Cybersecurity Contest.
These vulnerabilities are now patched for both Windows and macOS users. It was only during last Month that Adobe has released their first set of security updates for the year. Since then it has already addressed multiple concerns from the Bridge, Campaign Classic, Photoshop and Illustrator. As more and more users patronize the use of these software products, Adobe has also heightened their measures in ensuring that none of these would be avenues for exploitation.
Related Article: Adobe Tells Users To Update Creative Cloud Apps, Or Else They Might Face Legal Consequences
This article is owned by Techtimes
Written by Nikki D