Security News > 2020 > May > Adobe “out of band” critical patch – get your update now!
Adobe just published a foursome of very tight-lipped security notifications about new patches.
The bulletin APSB20-26 actually came out last week, on Patch Tuesday, leaving a gap at -25, suggesting that at least the patch in bulletin APSB20-15 was prepared in time for Patch Tuesday but didn't make the final cut, perhaps to give it time for additional testing or tweaking.
Adobe has released an update for Adobe Character Animator for Windows and macOS. This update resolves a stack-based buffer overflow vulnerability that could lead to remote code execution.
Buffer overflows happen when a programmer doesn't leave enough space in memory for data that might later arrive and therefore creates the possibility for one chunk of malformed data to overwrite other data that's used elsewhere in the program.
That's bad enough because you typically lose unsaved work or end up with messed-up data after a crash, and a buffer overflow that can be abused to trigger crashes at will is the sort of security bug that's aptly named Denial of Service, or DoS for short.
News URL
https://nakedsecurity.sophos.com/2020/05/21/adobe-out-of-band-critical-patch-get-your-update-now/
Related news
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)