[BreachExchange] Adobe Patches Major Security Flaws in PDF Reader, Photoshop

[Sophia Kingsbury]

https://www.securityweek.com/adobe-patches-major-security-flaws-pdf-reader-photoshop

Adobe’s product security response machine revved into high gear this week
with the release of multiple patches for gaping security holes in widely
deployed software products.

According to the San Jose, Calif. software maker, this month’s batch of
patches address a swathe of potentially dangerous vulnerabilities in Adobe
Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative
Cloud Desktop Application.

The most serious of the vulnerabilities could allow attackers to take
complete control of a Windows or macOS machine with minimal user action.
In some cases, malicious exploits can be triggered remotely to hijack
unpatched machines, Adobe warned.

Windows and MacOS users and network administrators are encouraged to
prioritize the Adobe Acrobat and Reader update, a patch that provides cover
for at least five memory corruption vulnerabilities that expose users to
remote code execution attacks.

“These updates address multiple critical vulnerabilities. Successful
exploitation could lead to arbitrary code execution in the context of the
current user,” Adobe said.

The company issued a separate bulletin to document a pair of potentially
dangerous buffer overflow flaws in Adobe Photoshop that expose both Windows
and macOS users to code execution attacks.

The Adobe Patch Tuesday rollout for June also covers security problems in
Adobe Connect, Adobe Experience Manager, and Adobe Robohelp Server.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210611/1e392fb8/attachment.html>