Security News

Adobe on Tuesday warned that a gaping security hole in one of the most widely deployed software products has been exploited in the wild in "Limited attacks targeting Adobe Reader users on Windows." Adobe's confirmation of the zero-day attack was buried in a security bulletin that documents at least 11 security vulnerabilities affected Adobe Acrobat and Reader on both Windows and MacOS platforms.

Adobe this week announced the open-source availability of 'One-Stop Anomaly Shop', a new tool designed to help security teams discover anomalies in datasets. Building on previous research, white papers, and other projects from Adobe's Security Intelligence Team, OSAS out-of-the-box allows researchers to experiment with datasets, control data processing and feature combining, and help identify a solution for detecting security threats.

Adobe on Tuesday announced patches for vulnerabilities in four of its products, including critical code execution flaws affecting Photoshop and Bridge. In Photoshop, the company fixed two critical buffer overflow bugs that can be exploited for arbitrary code execution in the context of the targeted user.

Cracked copies of Microsoft Office and Adobe Photoshop are stealing browser session cookies and Monero cryptocurrency wallets from tightwads who install the pirated software, Bitdefender has warned. As many Reg readers will no doubt be aware, cracked software is a legitimate application that has had its registration or licensing features removed.

Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp. In all, Adobe fixed 10 security holes in its products during its scheduled April updates, seven of them listed as critical.

Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. In total, the company addressed ten security vulnerabilities affecting four products, with seven of them rated as critical as they allow arbitrary code execution or arbitrary file writes.

Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. Today's emergency updates patch an arbitrary code execution security flaw caused by an Improper Input Validation software vulnerability.

In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications. Further information on the flaw - including where in ColdFusion it exists, and how difficult it is to exploit, were not addressed; Threatpost has reached out to Adobe for further comment.

Adobe has released an urgent patch for a potentially dangerous security vulnerability in Adobe ColdFusion, the platform used for building and deploying mobile and web apps. "These updates resolve a critical vulnerability that could lead to arbitrary code execution," Adobe said in an advisory.

Adobe has issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems. Affected products include Adobe's Framemaker document processor, designed for writing and editing large or complex documents; Adobe's Connect software used for remote web conferencing; and the Adobe Creative Cloud software suite for video editing.