Adobe Updates Some Of Their Products Due To Critical Issues

Adobe Updates Some Of Their Products Due To Critical Issues
September 15, 2020

Adobe continues to have problems associated with JavaScript.

As a consequence, they have released new patches for Experience Manager, InDesign, and Framemaker.

Of these, the patch for Experience Manager is the largest, and addresses a total of five critical vulnerabilities, tracked as:

  • CVE-2020-9732
  • CVE-2020-9734
  • CVE-2020-9740
  • CVE-2020-9741
  • CVE-2020-9742

Each of these bugs, can, if left unpatched, lead to arbitrary JavaScript execution in the browser.

In addition, the latest Experience Manager patch addresses six other issues deemed serious, including one that is described as an “execution with unnecessary privileges” that can lead to information disclosure.

If you’re running Experience Manager 6.5.5.0, 6.4.8.1, 6.3.3.8 and earlier, or version 6.2 SP1-CFP20 and earlier, then your system is vulnerable.

The patch for InDesign addresses a total of five vulnerabilities, all described as memory corruption flaws, and are tracked as:

  • CVE-2020-9727
  • CVE-2020-9728
  • CVE-2020-9729
  • CVE-2020-9730
  • CVE-2020-9731

These flaws impact InDesign versions 15.11 and below.

Finally, the Framemaker patch addresses two critical security vulnerabilities, tracked as CVE-2020-9726, and CVE-2020-9725. Both of these, if exploited, impact all supported versions of the program.

The company has stressed that none of the flaws addressed in their most recent product patches are currently being used in the wilds, but if you use any of the products listed above, you should make installing the latest patches a priority in order to minimize your risk. After all, it’s just a matter of time.

Kudos to Adobe for their fast action on addressing these flaws, but here’s hoping the company can finally get their arms around the issues they’ve been having with their product line soon. The last patch the company released for their popular Acrobat reader addressed 26 bugs of serious or critical importance, and of course, their beleaguered Flash Player has caused no end of trouble for the company and the folks who rely on it.

In any case, these are important patches, and if you use the software mentioned above, they deserve priority.

Used with permission from Article Aggregator

Free Report

If you want to have any hope of avoiding a cyber-attack, you MUST read this report and act on the information we’re providing.

The 8 Most Critical IT Security Protections Every Business Must Have In Place Now To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks








    8 Critical Free Report