Threats & Malware, Vulnerabilities
January 9, 2024
Via: The RegisterMicrosoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]
Threats & Malware, Virus & Malware
October 11, 2023
Via: SecurityWeekThe Adobe Acrobat and Reader issue is CVE-2023-21608, a use-after-free vulnerability which can be exploited to achieve remote code execution (RCE) with the privileges of the current user. Adobe released patches for this flaw in January 2023, but numerous proof-of-concept […]
Threats & Malware, Vulnerabilities
July 18, 2023
Via: The Hacker NewsThreat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables […]
Threats & Malware, Vulnerabilities
July 17, 2023
Via: Security AffairsAdobe warns customers of a critical ColdFusion pre-authentication remote code execution vulnerability, tracked as CVE-2023-29300 (CVSS score 9.8), that is actively exploited in attacks in the wild. “Adobe is aware that CVE-2023-29300 has been exploited in the wild in very […]
March 20, 2023
Via: Security WeekAcrobat Sign is a cloud service that allows registered users to sign, send, and track documents in real-time, as well as to send signature requests to anyone. When a signature request is sent, Acrobat Sign automatically generates and sends an […]
Threats & Malware, Vulnerabilities
October 12, 2021
Via: Security WeekAdobe has patched four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and they can lead to arbitrary code execution in the context of […]
Threats & Malware, Vulnerabilities
August 18, 2021
Via: Security AffairsAdobe released security updates to address two critical security vulnerabilities, tracked as CVE-2021-36065 and CVE-2021-36066, affecting the popular image manipulation software Photoshop. The flaws affect versions of the software for both Windows and macOS, their exploitation could lead to arbitrary code […]
Threats & Malware, Vulnerabilities
August 11, 2021
Via: Security AffairsAdobe security updates for August 2021 address a total of 29 flaws, including critical vulnerabilities in Magento and important issues in Adobe Connect: APSB21-64 Security updates available for Magento APSB21-66 Security update available for Adobe Connect Multiple critical vulnerabilities could be exploited […]
Threats & Malware, Vulnerabilities
July 22, 2020
Via: Security AffairsAdobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile (APSB20-50). Adobe […]
June 18, 2020
Via: Computer WeeklyCheck Point has discovered a sophisticated campaign of phishing attacks incorporating household names to gain a foothold on corporate networks and harvest login credentials stored on Microsoft Office 365 accounts. Cyber criminals hijacked an Oxford University email server to bombard […]
Threats & Malware, Vulnerabilities
June 17, 2020
Via: Security AffairsAdobe addressed 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. The IT giant patched five critical out-of-bounds write (CVE-2020-9660, CVE-2020-9662), out-of-bounds read (CVE-2020-9661) and heap overflow (CVE-2020-9637, CVE-2020-9638) vulnerabilities in After […]
Threats & Malware, Vulnerabilities
May 20, 2020
Via: Security WeekAll of the security flaws were reported to Adobe by researcher Mat Powell of Trend Micro’s Zero Day Initiative (ZDI). Powell found the vulnerabilities in Character Animation, Premiere Rush, Premiere Pro, and Audition. The most serious of the vulnerabilities is […]
Threats & Malware, Vulnerabilities
April 29, 2020
Via: Security AffairsAdobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]
Threats & Malware, Vulnerabilities
March 19, 2020
Via: Naked SecurityNotice anything missing from last week’s Microsoft Patch Tuesday? Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS […]
October 29, 2019
Via: Hot for SecurityCreative software giant Adobe has issued a security notice confirming the embarrassing exposure of over 7 million user accounts, potentially leaving users vulnerable to phishing scams. On Friday, an Adobe blog entry titled “Security Update” disclosed that a misconfigured “environment” […]
September 30, 2019
Via: Security AffairsPhishers are abusing Google and Adobe open redirects to bypass spam filters and redirect users to malicious sites. Crooks abuse Google and Adobe services to create URLs that point to malicious websites that anyway are able to bypass security filters […]
Threats & Malware, Vulnerabilities
September 25, 2019
Via: Security AffairsAdobe released ColdFusion 2016 Update 12 and ColdFusion 2018 Update 5 to address three severe vulnerabilities in its ColdFusion web application development platform, two of them have been rated as “critical.” “Adobe has released security updates for ColdFusion versions 2018 […]
March 12, 2019
Via: Security AffairsAdobe Patch Tuesday updates for March 2019 address critical flaws in Photoshop CC and Digital Editions products. The updates address a heap overflow issue affecting the Digital Editions ebook reader software, the bug could be exploited by attackers to execute […]
March 4, 2019
Via: Security WeekAdobe has released out-of-band updates for its ColdFusion web application development platform to address a critical vulnerability that has been exploited in the wild. The zero-day flaw, tracked as CVE-2019-7816, has been described by the vendor as a file upload […]
January 23, 2019
Via: Security AffairsAdobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure. Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can […]