Adobe Patches Critical, Code Execution Flaws in Multiple Products

Adobe Patches Critical, Code Execution Flaws in Multiple Products

September 10, 2024 at 12:57PM

Adobe released patches for 28 security vulnerabilities across its products, warning of code execution attacks on both Windows and macOS systems. The most pressing issue affects Acrobat and PDF Reader, with two memory corruption vulnerabilities allowing arbitrary code execution. A critical Adobe ColdFusion flaw (CVE-2024-41874) with a severity score of 9.8/10 was also addressed. Professional hacking groups have exploited these vulnerabilities, prompting urgent action from Adobe.

Based on the meeting notes, the key takeaways are as follows:

1. Adobe released patches for at least 28 security vulnerabilities across a range of products, including Acrobat, PDF Reader, ColdFusion, Photoshop, Media Encoder, Audition, After Effects, Premiere Pro, and Illustrator.

2. Urgent issues affecting Acrobat and PDF Reader software involve memory corruption vulnerabilities that could be exploited to launch arbitrary code.

3. A critical-severity flaw in ColdFusion (CVE-2024-41874) with a CVSS severity score of 9.8/10 has been addressed.

4. Professional hacking gangs have targeted security issues in Adobe ColdFusion to launch attacks against US government agencies.

5. Vulnerabilities in Adobe Photoshop, Adobe Media Encoder, Adobe Audition, Adobe After Effects, Adobe Premiere Pro, and Adobe Illustrator were also addressed with security patches.

6. There has been increased attention to the issue of code execution vulnerabilities in Adobe products, with warnings and alerts being issued by various sources.

Please let me know if you need further details or clarification on any of the points.

Full Article