new security vulnerabilities affecting 5 of its widely used
applications.
Out of these 13 vulnerabilities, four have been rated critical,
and nine are important in severity.
The affected products that received security patches today
include:
- Adobe Creative Cloud Desktop Application
- Adobe Media Encoder
- Adobe Genuine Service
- Adobe ColdFusion
- Adobe Download Manager
Adobe Creative Cloud Desktop Application versions 5.1 and earlier
for Windows operating systems contain four vulnerabilities, one of
which is a critical symlink issue (CVE-2020-9682) leading to
arbitrary file system write attacks.
According to the advisory[1], the
other three important flaws in this Adobe software are privilege
escalation issues.
Adobe Media Encoder[2] contains two critical arbitrary code execution
flaws (CVE-2020-9650 and CVE-2020-9646) and one important information
disclosure issue, affecting both Windows and macOS users running
Media Encoder version 14.2 or earlier.
Adobe Genuine Service[3], a utility in the Adobe suite that prevents
users from running non-genuine or cracked pirated software, is
affected by three important privilege escalation issues. These flaws
reside in software version 6.6 and earlier for Windows and macOS
operating systems.
Adobe's web-application development platform ColdFusion[4] also
suffers from two important-severity privilege escalation issues that
can be exploited through DLL search-order hijacking.
Lastly, Adobe Download Manager[5] has been found vulnerable to only
one flaw (CVE-2020-9688) that's critical in severity and could lead
to arbitrary code execution in the current user context through a
command injection attack.
The flaw affects Adobe Download Manager version 2.0.0.518 for
Windows and has been patched with the release of version 2.0.0.529
of the software.
None of the security vulnerabilities fixed in this batch of
Adobe updates were publicly disclosed or found to be exploited in
the wild.
However, it’s still highly recommended that Adobe users download
and install the latest versions of the affected software to protect
their systems and businesses from potential cyber-attacks.
That’s also because many patches released in today’s batch have
received a priority rating of 2, meaning similar flaws have
previously been seen exploited in the wild, and for now, the
company has found no evidence of any exploitation of these
vulnerabilities.
References
- [1] advisory (helpx.adobe.com)
- [2] Adobe Media Encoder (helpx.adobe.com)
- [3] Adobe Genuine Service (helpx.adobe.com)
- [4] ColdFusion (helpx.adobe.com)
- [5] Adobe Download Manager (helpx.adobe.com)
Read more http://feedproxy.google.com/~r/TheHackersNews/~3/qbxahE5IfJU/adobe-security-patch-july.html