As you know by now, Microsoft isn’t the only company that has such a rollout on a monthly basis, so in this article, we’re going to talk about Adobe and some of the patches for their products. And, as we do every month, we will also include links to the download source, so you don’t have to scour the internet to find them.
28 CVEs got addressed this month by Adobe
Before we begin, however, let’s also take a look at what happened in January 2023, when Adobe released 29 CVEs in four patches for Adobe Acrobat and Reader, InDesign, InCopy, and Adobe Dimension. The highlight of last month’s release was definitely the Reader update which addressed a combination of 15 CVEs, eight of which were ranked Critical in severity. It should absolutely go without saying that the most severe of these could allow code execution if an attacker convinces a target to open a specially crafted PDF document. Now that that’s out of the way, let’s get back to the present and explore what the company has prepared for its users as a part of the February batch of patches. This month, February 2023, we are looking at security fixes for software such as Adobe Photoshop, Substance 3D Stager, Animate, InDesign, Bridge, FrameMaker, Connect, and After Effects.
Photoshop
Without any doubt one of the most used media editing platforms, Adobe makes sure Photoshop is always up to standards. The PhotoShop patch fixes five bugs, three of which are rated Critical, and an attacker could get arbitrary code execution if they can convince a user on an affected system to open a malicious file
Affected versions
Premier Rush
Don’t think we’re out of the woods just yet, as malicious third parties also target other Adobe-designed applications at the same time. Thus, this is the same scenario for Premier Rush, which corrects two Critical-rated code execution bugs. so keep that in mind as well.
Affected versions
Animate
If you are an Adobe Animate user, then you have to consider the possibility that your favorite software has been compromised as well. Yes, as Adobe mentioned on the support page, the Animate patch also fixes three similar critical code execution bugs.
Affected versions
Bridge
This one is a bit worse than everything we have presented so far, so please be mindful if you are an Adobe Bridge user. SPONSORED Security experts emphasized that the fix for Adobe Bridge fixes five Critical-rated code execution bugs plus two memory leaks
Affected versions
After Effects
There are a lot of us that rely on Adobe’s After Effects for perfecting our products, but this software isn’t immune to attacks. In fact, After Effects also has a memory leak to go along with three code execution bugs, just as some of its Adobe brothers do.
Affected versions
Frame Maker
Yes, there still are apps from Adobe that are going through the same ordeal, so the company had to do something quickly. Thus, the patch for FrameMaker also contains a mix of code execution and memory leak fixes, so the security patch is more than welcome.
Affected versions
This is the first time we mention Adobe Connect in such an article, but the company had to take some immediate measures. Note that the patch for Adobe Connect fixes a security feature bypass bug, although the company doesn’t provide any further info on what’s being bypassed.
Affected versions
InDesign
Please keep in mind that the fix for InDesign corrects a denial of service caused by a NULL pointer deref, just in case you didn’t know. Submit a support ticket to Adobe if you still experience problems after downloading and installing these security updates.
Affected versions
Last, but not least, the fix for Adobe Substance 3D Stager doesn’t actually address any new CVEs, so there’s no need to worry. That being said, Adobe is updating third-party libraries used by the 3D modeling tool, so there’s another detail to look forward to. Experts say none of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release. Have you found any other issues after downloading and installing these updates? Share your thoughts with us in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ