Security News

It's not 'Patch Tuesday,' but software giant Adobe today released emergency updates for three of its widely used products that patch dozens of newly discovered critical vulnerabilities. The list of affected software includes Adobe Illustrator, Adobe Bridge, and Magento e-commerce platform, containing a total of 35 vulnerabilities where each one of them is affected with multiple critical arbitrary code execution flaws.

It's not 'Patch Tuesday,' but software giant Adobe today released emergency updates for three of its widely used products that patch dozens of newly discovered critical vulnerabilities. The list of affected software includes Adobe Illustrator, Adobe Bridge, and Magento e-commerce platform, containing a total of 35 vulnerabilities where each one of them is affected with multiple critical arbitrary code execution flaws.

Adobe released security patches for vulnerabilities in its ColdFusion, After Effects and Digital Editions applications. Overall Adobe patched flaws tied to five CVEs as part of its regularly scheduled security updates, Tuesday.

Adobe has patched five vulnerabilities in its ColdFusion, After Effects and Digital Editions products, but none of the flaws appears too serious. In ColdFusion 2016 and 2018, Adobe addressed three important-severity vulnerabilities related to insufficient input validation, DLL hijacking, and improper access control.

Adobe unveiled the Adobe Digital Economy Index, the first real-time barometer of the digital economy, which analyzes trillions of online transactions across 100 million product SKUs in 18 product categories. Growing at a faster pace than the economy as a whole, the digital economy has never been more important than during the COVID-19 pandemic as consumers and businesses across the globe grapple with a digital-only reality.

Adobe has released another security patch outside of its usual routine this month to deal with a strange bug that can allow attackers to delete victims' files. Creative Cloud is a subscription-based service that lets users access its range of creative software products from Adobe online, and to use some cloud-based services that support them.

Adobe has issued a patch for a critical flaw that can be exploited to delete files from Windows computers running the Creative Cloud client. "Successful exploitation could lead to arbitrary File Deletion in the context of the current user," Adobe said in its bulletin today.

Creative Cloud acts as a central console for desktop users to quickly launch, manage and update their Adobe apps, such as Photoshop, Acrobat, Illustrator and more. "Adobe recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin."

A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files. Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development.

Microsoft informed customers on Monday that it's working on patches for two Windows zero-day vulnerabilities that can be exploited for remote code execution. According to Microsoft, the vulnerabilities exist due to the way the Windows Adobe Type Manager library handles a "Specially-crafted multi-master font - Adobe Type 1 PostScript format."