Security News

Adobe has released security updates to address critical severity security bugs affecting Windows and macOS versions of Adobe Lightroom and Adobe Prelude. In total, the company addressed four security vulnerabilities affecting three products, three of them rated as critical and one as an important severity bug in Adobe Experience Manager and the AEM Forms add-on package.

For December's Patch Tuesday bug bonanza, Microsoft handed out fixes for a mere 58 vulnerabilities while various other orgs addressed shortcomings in their own software in separate, parallel announcements. In a post on Monday to a Kubernetes mailing list, Apple software engineer Tim Allclair, a member of the Kubernetes Product Security Committee, outlined a medium severity bug by which an individual with the ability to create or edit services and pods could intercept traffic from other pods/nodes in the cluster.

Adobe Systems has stomped out critical-severity flaws across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications. This month's Adobe patch roundup included a critical cross-site scripting vulnerability in Adobe Experience Manager, the company's content-management solution for building websites, mobile apps and forms.

Adobe on Tuesday announced that security updates for its Prelude, Experience Manager and Lightroom products patch critical arbitrary code execution vulnerabilities. In the Windows and macOS versions of the Prelude video logging and ingest tool, Adobe fixed a critical uncontrolled search path issue that can lead to arbitrary code execution in the context of the targeted user.

Adobe on Tuesday informed customers that it has patched vulnerabilities in its Reader Mobile and Connect products, but none of them appears too serious. The company says the patches are already being rolled out to hosted services and they should become available for on-premises deployments later this week.

Adobe has released security updates to address vulnerabilities classified as 'Important' in Adobe Reader for Android and Adobe Connect. Adobe advises all customers to update the vulnerable products to the latest versions as soon as possible to block attacks that could attempt to exploit unpatched installations.

Adobe on Tuesday published updated versions of its Acrobat and Reader software to fix fourteen flaws, four of which have been designated "Critical." These updates should be installed as soon as possible to close off their vulnerabilities. Adobe generally issues patches on "Patch Tuesday," a date observed by many tech companies that falls on the second Tuesday of every month.

Adobe on Tuesday informed customers that it has patched over a dozen vulnerabilities in its Acrobat products, including critical flaws that can be exploited for arbitrary code execution. The company says it has fixed a total of 14 security holes in the Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017.

Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. These critical flaws include a heap-based buffer overflow, out-of-bounds write glitch and two use-after free flaws.

Adobe has released security updates to address critical severity vulnerabilities affecting Adobe Acrobat and Reader for Windows and macOS that could enable attackers to execute arbitrary code on vulnerable devices. Adobe categorized the security updates as priority 2 updates which means that they address vulnerabilities with no public exploits in products that have "Historically been at elevated risk."