Security News > 2020 > July > Adobe Discloses Critical Code-Execution Bugs in July Update

Adobe Discloses Critical Code-Execution Bugs in July Update
2020-07-14 17:02

Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion.

"Updates to both Adobe Download Manager and Media Encoder address critical vulnerabilities that could lead to arbitrary code execution," Justin Knapp, product marketing manager at Automox, told Threatpost.

Adobe has released patches for four different flaws in its Creative Cloud Desktop Application for Windows, including a critical flaw allowing arbitrary file system writes.

The Adobe Genuine Service for Windows and macOS meanwhile, which periodically validates already-installed Adobe software to root out incorrect and invalid licenses, and pirated software, has three important vulnerabilities.

The July patch update is light compared to Adobe's usual slew of monthly security fixes, but that may be because the company issued an out-of-band update for 18 critical vulnerabilities in mid-June.


News URL

https://threatpost.com/adobe-critical-code-execution-bugs-july/157420/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143