Security News > 2020 > March > A week after Patch Tuesday, Adobe drops security fixes for six offerings
Adobe failed to release security updates on March 2020 Patch Tuesday, but has pushed them out this Tuesday, for Acrobat and Reader, Photoshop, ColdFusion, Experience Manager, Bridge, and Genuine Integrity Service.
The heftiest updates are those for Photoshop and Acrobat and Reader for Windows and macOS. The Photoshop updates fix 16 vulnerabilities that could be exploited for arbitrary code execution in the context of the current user and 6 that could lead to disclosure of information.
The Acrobat and Reader updates contain fixes for 8 flaws that could be exploited for code execution, 3 for information disclosure and 1 for escalating privileges on compromised systems.
Users of the ColdFusion web-application development platform should also update as soon as possible to plug two holes: one that could allow an arbitrary file read from the Coldfusion install directory and another that could lead to arbitrary code execution of files located in the webroot or its subdirectory.
Adobe Bridge updates for Windows and macOS fix 2 two critical flaws, the Adobe Genuine Integrity Service update for Windows one insecure file permissions vulnerability that could be used for privilege escalation, and the Adobe Experience Manager updates plug a Server-side request forgery flaw that could lead to sensitive information disclosure.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/QRJcWvHklaM/
Related news
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)