Darknet

Adobe Security Patch – Critical Security Issues Fixed With Adobe Illustrator & Media Encoder

Adobe released security patches that fix critical and  important vulnerabilities with Adobe Bridge CC, Adobe Media Encoder, Adobe Illustrator and Adobe Animate CC.

These vulnerabilities allow an attacker to escalate privileges, steal sensitive information and execute arbitrary code with user consent.

APSB19-34 – Adobe Animate CC

The update resolves insecure library loading vulnerability that could result in privilege escalation. It affects Animate CC 2019 19.2.1 and earlier versions, fixed with version 20.0.

The vulnerability can be tracked as CVE-2019-7960 and rated as Important.

APSB19-53 – Adobe Bridge CC

The security update fixes multiple vulnerabilities that would occur when parsing malformed SVG images, successful exploitation results in information disclosure in the context of the current user. 

It affects Adobe Bridge CC 9.1 and earlier versions, fixed with Adobe Bridge CC 10.0. The vulnerabilities can be tracked as CVE-2019-8239, CVE-2019-8240 and rated as Important.

APSB19-52 – Adobe Media Encoder

The security release covers both critical and  multiple important file parsing vulnerabilities, if the attackers manage to exploit the vulnerability it results in information disclosure with the context of the user.

The vulnerability affects Adobe Media Encoder 13.1 and earlier versions, fixed with 14.0. The vulnerabilities can be tracked as CVE-2019-8241, CVE-2019-8242, CVE-2019-8243, CVE-2019-8244, and CVE-2019-8246.

APSB19-36 – Adobe Illustrator

The update resolves critical and important vulnerabilities with Adobe Illustrator that could results in arbitrary code execution in the context of the current user.

The vulnerability affects Illustrator CC 2019 23.1 and earlier versions, fixed with version 24.0. The vulnerabilities can be tracked as CVE-2019-7962, CVE-2019-8247, and CVE-2019-8248.

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

Also, Microsoft released security updates Fixed 74 Bugs Including IE Zero-day That Allow Hackers to Execute Arbitrary Code Remotely in Windows PC.

You can follow us on LinkedinTwitterFacebook for daily Cyber Security and hacking news updates.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Bondnet Using High-Performance Bots For C2 Server

Threat actors abuse high-performance bots to carry out large-scale automated attacks efficiently. These bots can…

18 hours ago

Discord-Based Malware Attacking Orgs Linux Systems In India

Linux systems are deployed mostly in servers, in the cloud, and in environments that are…

18 hours ago

New Moonstone Sleet North Korean Actor Deploying Malicious Open Source Packages

In December 2023, we reported on how North Korean threat actors, particularly Jade Sleet, have…

21 hours ago

Life360 Breach: Hackers Accessed the Tile Customer Support Platform

Life360, a company known for its family safety services, recently fell victim to a criminal…

22 hours ago

Microsoft Delays Release of Controversial Windows AI Recall Tool Amid Privacy Concerns

Microsoft has announced that it will delay the broad release of its AI-powered Recall feature…

1 day ago

SmokeLoader – A Modular Malware With Range Of Capabilities

Hackers misuse malware for diverse illicit intentions, including data theft, disrupting systems, espionage, or distortion…

2 days ago