Adobe has recently announced security patches for a total of four products that were being affected by security vulnerabilities, including Adobe Photoshop, Bridge, and RoboHelp.
Critical Photoshop and Bridge vulnerabilities:
Adobe Photoshop is a wildly famous raster graphics editor developed and published by Adobe Inc. while Adobe Bridge is a free digital asset management app made by Adobe Systems.
Detailing the Photoshop vulnerabilities, the tech organization patched two critical buffer overflow vulnerabilities that could be potentially exploited for the arbitrary execution of code.
A buffer overflow vulnerability occurs when there is more data in a buffer than it can handle, causing data to overflow into adjacent storage.
This, in turn, can cause a system crash or create an entry point for a cyberattack.
The software giant was notified of the security vulnerabilities in Bridge by Trend Micro’s Zero Day Initiative.
The security patches deployed for Adobe Bridge resolved a total of four critical vulnerabilities that could promote code execution, including two memory corruption issues and two out-of-bounds write issues.
The Bridge security patches also resolve some data leak and privilege escalation flaws that were of consequential nature.
Adobe’s other security updates:
Among the other security fixes, Adobe RoboHelp was also addressed with a fix for an ‘important’ slated privilege escalation vulnerability.
RoboHelp is Adobe’s documentation authoring tool, mainly utilized for making online documentation and online help systems for desktop and web-based applications.
There was also the latest update of Adobe’s Digital Editions ebook reader for the macOS variant that patched up a critical arbitrary file system write bug for privilege escalation.
No active exploitation in the wild:
While a number of vulnerabilities and bugs were addressed in Adobe’s latest security update, none of the vulnerabilities had been reported for active exploitation in the wild, as was noted by the software organization.