Update your Adobe Acrobat, Reader, and Lightroom now to avoid critical code execution

0

Update your Adobe Acrobat, Reader, and Lightroom now to the latest version for avoiding critical code execution

Back in the month of May, Adobe fixed bugs and other vulnerabilities with a total of 36 vulnerabilities in its three products. Adobe pushed a security update for the three products to fix the vulnerabilities. Out of 36 vulnerabilities, 16 were classified as ‘Critical’ as they allow code execution or the bypassing of security features. Now the company has patched another 26 vulnerabilities that allowed attackers to execute critical code.

The company has released a new version of the Adobe Acrobat, Reader, and Lightroom which fixes critical code execution. Out of 26 vulnerabilities, eleven are classified as ‘Critical’ because they allow attackers to bypass security features or perform remote code execution on vulnerable computers.

With the remote code execution technique, the threat actor can abuse your system by running critical commands and leak data. It can also install multiple spyware and other software that copies your data and leaks it immediately. To avoid this exploitation it is strongly recommended to update your Adobe software to the latest version.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Here are all the vulnerabilities that are patched by Adobe:

Vulnerability CategoryVulnerability ImpactSeverityCVE Number
Disclosure of Sensitive DataMemory LeakImportantCVE-2020-9697
Security bypassPrivilege EscalationImportantCVE-2020-9714
Out-of-bounds writeArbitrary Code ExecutionCriticalCVE-2020-9693

CVE-2020-9694

Security bypassSecurity feature bypassCriticalCVE-2020-9696

CVE-2020-9712

Stack exhaustionApplication denial-of-serviceImportantCVE-2020-9702

CVE-2020-9703

Out-of-bounds readInformation disclosureImportantCVE-2020-9723

CVE-2020-9705

CVE-2020-9706

CVE-2020-9707

CVE-2020-9710

CVE-2020-9716

CVE-2020-9717

CVE-2020-9718

CVE-2020-9719

CVE-2020-9720

CVE-2020-9721

Buffer errorArbitrary Code ExecutionCriticalCVE-2020-9698

CVE-2020-9699

CVE-2020-9700

CVE-2020-9701

CVE-2020-9704

Use-after-freeArbitrary Code ExecutionCriticalCVE-2020-9715

CVE-2020-9722

 

Security update available for Adobe Lightroom. Below are all the vulnerabilities that are patched by Adobe:

This type of attack is caused by the program insecurely loading a DLL when starting, which allows an attacker to load a malicious DLL instead.

Vulnerability CategoryVulnerability ImpactSeverityCVE Numbers
Insecure Library LoadingPrivilege escalationImportantCVE-2020-9724

 

These are all the vulnerabilities that are fixed by Adobe in its three software. For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.

Share.

About Author

Be Ready for the challenge

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments