Darknet

Adobe Security Patch – Critical Security Issues Fixed With Adobe Illustrator & Media Encoder

Adobe released security patches that fix critical and  important vulnerabilities with Adobe Bridge CC, Adobe Media Encoder, Adobe Illustrator and Adobe Animate CC.

These vulnerabilities allow an attacker to escalate privileges, steal sensitive information and execute arbitrary code with user consent.

APSB19-34 – Adobe Animate CC

The update resolves insecure library loading vulnerability that could result in privilege escalation. It affects Animate CC 2019 19.2.1 and earlier versions, fixed with version 20.0.

The vulnerability can be tracked as CVE-2019-7960 and rated as Important.

APSB19-53 – Adobe Bridge CC

The security update fixes multiple vulnerabilities that would occur when parsing malformed SVG images, successful exploitation results in information disclosure in the context of the current user. 

It affects Adobe Bridge CC 9.1 and earlier versions, fixed with Adobe Bridge CC 10.0. The vulnerabilities can be tracked as CVE-2019-8239, CVE-2019-8240 and rated as Important.

APSB19-52 – Adobe Media Encoder

The security release covers both critical and  multiple important file parsing vulnerabilities, if the attackers manage to exploit the vulnerability it results in information disclosure with the context of the user.

The vulnerability affects Adobe Media Encoder 13.1 and earlier versions, fixed with 14.0. The vulnerabilities can be tracked as CVE-2019-8241, CVE-2019-8242, CVE-2019-8243, CVE-2019-8244, and CVE-2019-8246.

APSB19-36 – Adobe Illustrator

The update resolves critical and important vulnerabilities with Adobe Illustrator that could results in arbitrary code execution in the context of the current user.

The vulnerability affects Illustrator CC 2019 23.1 and earlier versions, fixed with version 24.0. The vulnerabilities can be tracked as CVE-2019-7962, CVE-2019-8247, and CVE-2019-8248.

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

Also, Microsoft released security updates Fixed 74 Bugs Including IE Zero-day That Allow Hackers to Execute Arbitrary Code Remotely in Windows PC.

You can follow us on LinkedinTwitterFacebook for daily Cyber Security and hacking news updates.

Guru

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

Defend Ransomware Attacks With Top Effective Proactive Measures in 2024

We're currently living in an age where digital threats loom large. Among these, ransomware has…

44 mins ago

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

17 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

18 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

18 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

19 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

21 hours ago