Security News > 2020 > July > Adobe Discloses Critical Code-Execution Bugs in July Update
Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion.
"Updates to both Adobe Download Manager and Media Encoder address critical vulnerabilities that could lead to arbitrary code execution," Justin Knapp, product marketing manager at Automox, told Threatpost.
Adobe has released patches for four different flaws in its Creative Cloud Desktop Application for Windows, including a critical flaw allowing arbitrary file system writes.
The Adobe Genuine Service for Windows and macOS meanwhile, which periodically validates already-installed Adobe software to root out incorrect and invalid licenses, and pirated software, has three important vulnerabilities.
The July patch update is light compared to Adobe's usual slew of monthly security fixes, but that may be because the company issued an out-of-band update for 18 critical vulnerabilities in mid-June.
News URL
https://threatpost.com/adobe-critical-code-execution-bugs-july/157420/
Related news
- Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution (source)
- Apache fixes critical OFBiz remote code execution vulnerability (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk (source)