430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Adobe releases out-of-band patches for critical issues in Acrobat Reader, Photoshop, Bridge, ColdFusion

Adobe has released a collection of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. Adobe has released a set of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. “Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS.” […]

Adobe Reader

Adobe has released a collection of out-of-band software updates that address a total of 41 vulnerabilities in six of its products.

Adobe has released a set of out-of-band software updates that address a total of 41 vulnerabilities in six of its products.

“Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS.” reads the advisory published by Adobe.

“These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.”

The vulnerabilities affect the following products:

  • Genuine Integrity Service
  • Acrobat and Reader
  • Photoshop
  • Experience Manager
  • ColdFusion
  • Bridge

29 vulnerabilities out of the 41 are rated as critical in severity, the remaining 11 have been rated as important.

Acrobat and Reader software for Windows and macOS systems are affected by 13 vulnerabilities, 9 of these issues (CVE-2020-3795, CVE-2020-3799, CVE-2020-3792, CVE-2020-3793, CVE-2020-3801, CVE-2020-3802, CVE-2020-3805, CVE-2020-3807, CVE-2020-3797) are rated as critical severity.

Genuine Integrity Service is affected by only one important severity privilege escalation flaw tracked as CVE-2020-3766.

Photoshop for Windows and macOS users is affected by a total of 22 vulnerabilities, out of which 16 are critical (CVE-2020-3783, CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788, CVE-2020-3789, CVE-2020-3790, CVE-2020-3773, CVE-2020-3779, CVE-2020-3770, CVE-2020-3772, CVE-2020-3774, CVE-2020-3775, CVE-2020-3776, CVE-2020-3780).

The company also has addressed one sensitive information disclosure flaw in the Experience Manager application (CVE-2020-3769), two critical issues in the Adobe Bridge digital asset management app (CVE-2020-9551, CVE-2020-9552), and two critical vulnerabilities in the ColdFusion (CVE-2020-3761, CVE-2020-3794).

The good news is that none of the security vulnerabilities addressed by Adobe have been exploited in the wild.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, cybersecurity)

[adrotate banner=”5″]

[adrotate banner=”13″]