Pictured: Adobe headquarters in San Jose, California. Adobe patched 26 bugs on Patch Tuesday in August 2020. (Lisa Werner/Contributor)
For the August version of Patch Tuesday, Adobe Techniques these days supplied fixes for 26 vulnerabilities — 11 critical — in Acrobat and Reader and just one in its picture business and manipulation software Lightroom Common.
Nine of the 11 critical flaws can outcome in arbitrary code execution. Two are brought on by out-of-bounds generate situations (CVE-2020-9693, CVE-2020-9694), 5 are recognized as 5 errors (CVE-2020-9698, CVE-2020-9699, CVE-2020-9700, CVE-2020-9701, CVE-2020-9704), and two are use-soon after-no cost bugs (CVE-2020-9715, CVE-2020-9722). The last two critical vulnerabilities are a pair of security function bypass flaws (CVE-2020-9696, CVE-2020-9712).
Adobe also fixed 15 essential bugs, with repercussions that contain memory leak, privilege escalation, application denial of support and info disclosure.
The vulnerabilities have been mounted in the newly produced edition 2020.012.20041 of Acrobat DC and Reader, edition 2020.001.30005 of Acrobat 2020 and Acrobat Reader 2020, version 2017.011.30175 Acrobat 2017 and Acrobat Reader 2017, and model 2015.006.30527 of Acrobat 2015 and Acrobat Reader 2015.
Adobe also mounted an critical privilege escalation bug in Lightroom Common for Windows, with the launch of edition 9.3.
Richard Melick, senior technological product or service supervisor at Automox, famous how last month Adobe declared two out-of-band security updates in the months adhering to the company’s formal Patch Tuesday [1, 2]. “Whether this is due to the elevated usage, and thus data collection, of their products with more individuals [working] remote or an raise in vulnerability investigation, the uptick in releases displays promise for Adobe’s tactic to item security,” he mentioned. However, “With a patch unveiled every 7 days from Adobe, it also shows that ready right up until Patch Tuesday to research and deploy the updates could be leaving endpoints susceptible to known vulnerabilities.”