Adobe today released software updates to patch a total of 13 new security vulnerabilities affecting 5 of its widely used applications.
Out of these 13 vulnerabilities, four have been rated critical, and nine are important in severity.
The affected products that received security patches today include:
- Adobe Creative Cloud Desktop Application
- Adobe Media Encoder
- Adobe Genuine Service
- Adobe ColdFusion
- Adobe Download Manager
Adobe Creative Cloud Desktop Application versions 5.1 and earlier for Windows operating systems contain four vulnerabilities, one of which is a critical symlink issue (CVE-2020-9682) leading to arbitrary file system write attacks.
According to the advisory, the other three important flaws in this Adobe software are privilege escalation issues.
Adobe Media Encoder contains two critical arbitrary code execution (CVE-2020-9650 and CVE-2020-9646) and one important information disclosure issues, affecting both Windows and macOS users running Media Encoder version 14.2 or earlier.
Adobe Genuine Service, a utility in Adobe suite that prevents users from running non-genuine or cracked pirated software, is affected by three important privilege escalation issues….