Register now for better personalized quote!

Weeks early: Adobe dumps massive security patch update

Oct, 27, 2021 Hi-network.com

Adobe has issued a vast security update targeting 14 products, including Lightroom, Photoshop, and InDesign. 

Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read now

On October 26, the tech giant issued over 80 patches for vulnerabilities, including critical code execution flaws, privilege escalation, denial-of-service, and memory leaks.  

Normally, Adobe waits to release batch security updates until the second Tuesday of each month in what is known as Patch Tuesday -- a practice also followed by companies including Microsoft. 

However, when the security of users calls for it, these vendors may release out-of-band or emergency patches -- one of the most notable over 2021 being Microsoft's fixes for zero-day bugs in Exchange Server that were being actively exploited in the wild.  

Adobe After Effects, Audition, Bridge, Character Animator, Prelude, Lightroom Classic, Illustrator, Media Encoder, Premiere Pro, Animate, Premiere Elements, InDesign, XMP Toolkit SDK, and Photoshop have all received new updates. 

Of note in this security update:

  • Photoshop: CVE-2021-42736, CVSS 7.8, buffer overflow leading to arbitrary code execution
  • XMP Toolkit SDK: CVE-2021-42529, CVE-2021-42530, CVE-2021-42531 (CVSS 7.8), buffer overflows, arbitrary code execution
  • Animate: Nine critical bugs, CVSS 7.8, arbitrary code execution
  • Premiere?Elements: CVE-2021-40785, CVSS 8.3, NULL Pointer Dereference, memory leaks
  • Character Animator: Three Access of Memory Location After End of Buffer flaws, CVSS 7.8, arbitrary code execution
  • Media Encoder: CVE-2021-40778, CVSS 8.3, NULL Pointer Dereference, memory leaks

The updates come at the same time as improvements in Adobe software were announced. Among the changes are upgrades to Photoshop and Illustrator to allow web access via URLs, improved masking and filters in Photoshop, the implementation of Frame.io in products, and the planned release of Canvas and Creative Cloud Spaces next year.

Previous and related coverage:

  • Adobe's Q3 earnings: Four takeaways on SMBs, Creative Cloud, customer experiences.
  • Adobe announces slate of improvements to Photoshop, Illustrator, Premiere and Lightroom.
  • Adobe rolls out new commerce capabilities for the post-cookie era.

Have a tip?Get in touch securely via WhatsApp Signal at +447713 025 499, or over at Keybase: charlie0


Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next
  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.