At least 39 security flaws across several Adobe products have been fixed by the software vendor as part of this month's Patch Tuesday, SecurityWeek reports.
Leading the patches is a major Adobe ColdFusion update that remediates seven critical vulnerabilities, which could be leveraged to facilitate arbitrary code execution, file system read, and privilege escalation. Aside from addressing a trio of critical Photoshop bugs and a lone defect in Illustrator, Adobe also patched several other critical code execution issues in its Dreamweaver, Connect, InDesign, and Lightroom offerings, which could be exploited to trigger denial-of-service intrusions. Additional critical flaws in Adobe Bridge, Adobe Dimension, Adobe Bridge, and Adobe Substance 3D Painter have also been fixed. Such a development comes as Microsoft disclosed remediations for five actively exploited zero-day vulnerabilities, including those impacting the Microsoft Scripting Engine and the Windows Common Log File System driver.
Leading the patches is a major Adobe ColdFusion update that remediates seven critical vulnerabilities, which could be leveraged to facilitate arbitrary code execution, file system read, and privilege escalation. Aside from addressing a trio of critical Photoshop bugs and a lone defect in Illustrator, Adobe also patched several other critical code execution issues in its Dreamweaver, Connect, InDesign, and Lightroom offerings, which could be exploited to trigger denial-of-service intrusions. Additional critical flaws in Adobe Bridge, Adobe Dimension, Adobe Bridge, and Adobe Substance 3D Painter have also been fixed. Such a development comes as Microsoft disclosed remediations for five actively exploited zero-day vulnerabilities, including those impacting the Microsoft Scripting Engine and the Windows Common Log File System driver.
