Adobe has today released patches for 13 vulnerabilities spotted in its Photoshop, Bridge, and Prelude softwares. Out of 13, 12 vulnerabilities were considered critical and led Adobe to issue out-of-band updates. These were reported by a security researcher from Trend Micro, who said these bugs can be exploited for remote code execution by hackers.
Adobe Releases Out-of-band Updates to Patch Critical Bugs
Adobe’s Photoshop, and even most of their products are being used by numerous across the world. These are praised for being highly resourceful, and be used by high-end professionals in creative works. Since having any critical vulnerabilities could dump all of their work at once, Adobe comes to rescue with patches for all of them.
As found by Mat Powell, a security researcher at Trend Micro’s Zero Day Initiative (ZDI), Adobe’s Photoshop, Bridge, and Prelude softwares are having bugs that could let any remote hackers execute malicious code. This was taken seriously by Adobe and have released patches today for all of them.
Starting with Adobe’s widely known Photoshop, it has five vulnerabilities like CVE-2020-9683, CVE-2020-9686 as reading issues, and CVE-2020-9684, CVE-2020-9685, and CVE-2020-9687 as write issues. These are existing in Photoshop CC 2019 versions 20.0.9 and earlier, and also in Photoshop 2020 versions 21.2 and earlier in Windows.
In Adobe’s Bridge software, vulnerabilities as CVE-2020-9675, read issue and CVE-2020-9674, CVE-2020-9676 as write issues were identified in versions 10.1.1 for both macOS and Windows.
And in Adobe’s Prelude, CVE-2020-9677 and CVE-2020-9679 as reading issues and CVE-2020-9678 and CVE-2020-9680 as write issues. These issues can help an attacker to execute arbitrary code in the target’s systems using these outdated softwares.