Tag: Adobe

January 9, 2024

Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]

October 11, 2023

The Adobe Acrobat and Reader issue is CVE-2023-21608, a use-after-free vulnerability which can be exploited to achieve remote code execution (RCE) with the privileges of the current user. Adobe released patches for this flaw in January 2023, but numerous proof-of-concept […]

July 18, 2023

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables […]

July 17, 2023

Adobe warns customers of a critical ColdFusion pre-authentication remote code execution vulnerability, tracked as CVE-2023-29300 (CVSS score 9.8), that is actively exploited in attacks in the wild. “Adobe is aware that CVE-2023-29300 has been exploited in the wild in very […]

March 20, 2023

Acrobat Sign is a cloud service that allows registered users to sign, send, and track documents in real-time, as well as to send signature requests to anyone. When a signature request is sent, Acrobat Sign automatically generates and sends an […]

October 12, 2021

Adobe has patched four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and they can lead to arbitrary code execution in the context of […]

August 18, 2021

Adobe released security updates to address two critical security vulnerabilities, tracked as CVE-2021-36065 and CVE-2021-36066, affecting the popular image manipulation software Photoshop. The flaws affect versions of the software for both Windows and macOS, their exploitation could lead to arbitrary code […]

August 11, 2021

Adobe security updates for August 2021 address a total of 29 flaws, including critical vulnerabilities in Magento and important issues in Adobe Connect: APSB21-64 Security updates available for Magento APSB21-66 Security update available for Adobe Connect Multiple critical vulnerabilities could be exploited […]

July 22, 2020

Adobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile (APSB20-50). Adobe […]

June 18, 2020

Check Point has discovered a sophisticated campaign of phishing attacks incorporating household names to gain a foothold on corporate networks and harvest login credentials stored on Microsoft Office 365 accounts. Cyber criminals hijacked an Oxford University email server to bombard […]

June 17, 2020

Adobe addressed 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. The IT giant patched five critical out-of-bounds write (CVE-2020-9660, CVE-2020-9662), out-of-bounds read (CVE-2020-9661) and heap overflow (CVE-2020-9637, CVE-2020-9638) vulnerabilities in After […]

May 20, 2020

All of the security flaws were reported to Adobe by researcher Mat Powell of Trend Micro’s Zero Day Initiative (ZDI). Powell found the vulnerabilities in Character Animation, Premiere Rush, Premiere Pro, and Audition. The most serious of the vulnerabilities is […]

April 29, 2020

Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]

March 19, 2020

Notice anything missing from last week’s Microsoft Patch Tuesday? Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS […]

October 29, 2019

Creative software giant Adobe has issued a security notice confirming the embarrassing exposure of over 7 million user accounts, potentially leaving users vulnerable to phishing scams. On Friday, an Adobe blog entry titled “Security Update” disclosed that a misconfigured “environment” […]

September 30, 2019

Phishers are abusing Google and Adobe open redirects to bypass spam filters and redirect users to malicious sites. Crooks abuse Google and Adobe services to create URLs that point to malicious websites that anyway are able to bypass security filters […]

September 25, 2019

Adobe released ColdFusion 2016 Update 12 and ColdFusion 2018 Update 5 to address three severe vulnerabilities in its ColdFusion web application development platform, two of them have been rated as “critical.” “Adobe has released security updates for ColdFusion versions 2018 […]

March 12, 2019

Adobe Patch Tuesday updates for March 2019 address critical flaws in Photoshop CC and Digital Editions products. The updates address a heap overflow issue affecting the Digital Editions ebook reader software, the bug could be exploited by attackers to execute […]

March 4, 2019

Adobe has released out-of-band updates for its ColdFusion web application development platform to address a critical vulnerability that has been exploited in the wild. The zero-day flaw, tracked as CVE-2019-7816, has been described by the vendor as a file upload […]

January 23, 2019

Adobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure. Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can […]