Patchday Adobe: Malicious code gaps threaten InDesign, Photoshop & Co.
Adobe has prepared various applications against possible attacks. The software manufacturer classifies some gaps as critical.
Important security updates have been released for Adobe Animate, Commerce, Dimension, FrameMaker, Illustrator, InCopy, InDesign, Photoshop, Substance 3D Modeler, Substance 3D Painter, Substance 3D Sampler, Substance 3D Stager and Substance 3D Viewer. So far there have been no reports of attacks.
Secure systems
As the list of patches is beyond the scope of this report, admins can find them in the Adobe alerts linked below this article. In almost all cases, the macOS and Windows versions of the respective applications are vulnerable.
If attackers successfully exploit security vulnerabilities, they can mainly provoke memory errors and thus push and execute their code on PCs. However, they can also leak content from the memory. Attackers can also gain higher user rights or bypass security features.
Videos by heise
Adobe classifies many software vulnerabilities as “critical.” Based on the CVSS score, the threat level is “high.” Nevertheless, administrators should update their applications promptly to prevent possible attacks.
- Animate
- Commerce
- Dimension
- FrameMaker
- Illustrator
- InCopy
- InDesign
- Photoshop
- Substance 3D Modeler
- Substance 3D Painter
- Substance 3D Sampler
- Substance 3D Stager
- Substance 3D Viewer
(des)
