Just a single 7 days right after issuing its previous batch of patches, Adobe Units has issued additional security updates repairing 13 vulnerabilities, 12 of them critical out-of-bounds read through or create flaws that can lead to arbitrary code execution in either Prelude, Photoshop or Bridge.
Just one further bug of “important” severity was all found in Cellular Reader, for all Android versions.
Adobe has credited Mat Powell of TrendMicro’s Zero Working day Initiative with discovering the critical vulnerabilities. SC Media arrived at out to TrendMicro and gained supplemental details from Dustin Childs, communications manager at ZDI.
“These bugs are file parsing bugs that could direct to code execution if an attacker can encourage anyone to open a destructive file or browse to a specifically crafted web-site,” claimed Childs. “Of the ones patched now, the bugs for Photoshop are in all probability a lot more critical just because it has a broader person base than the other affected solutions.”
Childs reported that the file structure varieties impacted by today’s patches are MOV, MP4, and 3GP. “You really should generally use warning when opening these kinds of information, specially if they come from an not known supply,” he famous.
Prelude is fixed with the release of edition 9..1, Photoshop is amended with variations 20..10 and 21.2.1, Bridge is current with edition 10.1.1, and Cell Reader is fastened with model 20.3.
On July 14, Adobe issued patches fixing 13 vulnerabilities — 4 critical –spread out amid 5 products and solutions, including Obtain Supervisor, ColdFusion, Genuine Service, Media Encoder and the Imaginative Cloud Desktop Application.