Security News > 2021 > October > Adobe’s Surprise Security Bulletin Dominated by Critical Patches
Out of 92 security vulnerabilities, 66 are rated critical in severity, mostly allowing code execution.
Adobe has dropped a mammoth out-of-band security update this week, addressing 92 vulnerabilities across 14 products.
The lion's share of the bugs allow access to a memory location after the end of a buffer, leading to ACE. Also, almost all of the critical problems rate 7.8 on the CVSS vulnerability severity scale, except for one type.
The fixes come two weeks after Adobe released its normal monthly Patch Tuesday patches.
A company spokesperson characterized the release as "Planned" rather than an emergency response - and indeed, Adobe said in its advisories that there's no evidence that any of the bugs are being exploited in the wild.
"While we strive to release regularly scheduled updates on Patch Tuesday, occasionally these regularly scheduled security updates are released on non-Patch Tuesday dates," a company spokesperson told the Register.
News URL
https://threatpost.com/critical-patches-adobe-security-bulletin/175825/
Related news
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Don't Overlook These 6 Critical Okta Security Configurations (source)
- Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA (source)
- 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals (source)