Security News > 2020 > October > Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
2020-10-20 18:31

Adobe has released 18 out-of-band security patches in 10 different software packages, including fixes for critical vulnerabilities that stretch across its product suite.

There are 16 critical bugs, all of which allow arbitrary code execution in the context of the current user.

"Coupled with the fact that these vulnerabilities are in critical technologies like Marketo and most of the Adobe Creative Cloud applications, this could leave sensitive marketing data and creative IP exposed to destruction or IP theft by potential adversaries. Organizations should move to quickly patch these vulnerabilities within the 72-hour window in order to minimize exposure and maintain a high level of cyber-hygiene."

Illustrator contains seven bugs affecting Illustrator 2020 for Windows, 24.2 and earlier versions.

Adobe Dreamweaver 20.2 and earlier versions for Windows and macOS contains an uncontrolled search-path element bug that could allow privilege escalation.


News URL

https://threatpost.com/adobe-critical-code-execution-bugs/160369/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143