Adobe security updates for April 2023 are here! This time, the multinational software company has released security updates that address multiple vulnerabilities in its popular software products and services. According to Adobe, attackers can exploit these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following advisories and apply the necessary Adobe Security updates. The following are some of the Adobe products and services that have been affected.
On April 11, 2023, Adobe discovered the Adobe Digital Editions vulnerability, CVE-2023-21582, with a priority rating of 3. The affected products include 4.5.11.187303 and earlier Adobe Digital Editions for Windows versions. This vulnerability falls under the category of an out-of-bounds write (CWE-787), which can lead to arbitrary code execution with a severity rating of critical. Adobe recommends that users update their software installations as soon as possible.
The Adobe InCopy vulnerability, CVE-2023-22235, was published on April 11, 2023, with a priority score of 3. This vulnerability is also critical, and successful exploitation can lead to arbitrary code execution. The affected versions include 18.1 and earlier versions for both macOS and Windows operating systems. Adobe recommends that users update their software installations via the Creative Cloud desktop app updater or by navigating to the InCopy Help menu and clicking “Updates.
Several vulnerabilities have been discovered in Adobe Acrobat and Reader, with the following CVE numbers: CVE-2023-26395, CVE-2023-26396, CVE-2023-26397, CVE-2023-26405, CVE-2023-26406, CVE-2023-26407, CVE-2023-26408, CVE-2023-26417, CVE-2023-26418, CVE-2023-26419, CVE-2023-26420, CVE-2023-26421, CVE-2023-26422, CVE-2023-26423, CVE-2023-26424, and CVE-2023-26425.
Various security researchers, including Mark Vincent Yason, AbdulAziz Hariri, and Qingyang Chen, discovered these vulnerabilities. Adobe recommends that users update their software installations to the latest versions by choosing Help > Check for Updates. The products will update automatically when updates are detected.
Adobe has also released security updates to address the Adobe Substance 3D Stager vulnerability. This vulnerability can lead to arbitrary code execution with a severity rating of critical. The affected versions include version 12.4.0 and earlier versions of Adobe Substance 3D Designer for macOS and Windows operating systems.
In conclusion, Adobe security updates are crucial in addressing the vulnerabilities found in its software products. Users are advised to update their software installations to the latest versions to ensure their systems’ safety and security. Users are also encouraged to follow best cybersecurity practices to safeguard their systems against potential attacks.
The Chrome Stable Channel Update fixes 21 security vulnerabilities, including a high-risk code smuggling vulnerability actively exploited in the wild.
The Mercor data breach reveals growing risks in open-source tools, with attackers exploiting LiteLLM to impact thousands of companies worldwide.
On Monday, the Axios npm supply chain attack came to light where malicious packages had been inserted into one of…
Interestingly, the Kash Patel email hack also triggered a wave of misinformation.
A Jennifer Cox Interview on why security automation is a people problem, not a technology one.
Hijacked Axios maintainer npm Account pushed malicious versions with a RAT, affecting macOS, Windows, and Linux systems across the JavaScript…
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More