This time, multimedia and creativity software pioneer Adobe’s official ‘Adobe Security Bulletin’ web page has reported several vulnerabilities in three of its products; Adobe Premiere Pro, Adobe Photoshop, and finally Adobe Prelude. The multiple flaws affecting the three completely different software products were all reported on July 20th, 2021 by security researchers.
Details About The Adobe Vulnerabilities
The current vulnerabilities in the Adobe product line range are marked as critical. All of the vulnerabilities can lead to an attacker remotely compromising (controlling) a user’s system where arbitrary code can be executed via a ‘specially crafted file’. The vulnerabilities have been described as follows;
What is a Software Vulnerability?
According to the Berkman Klein Center For Internet & Society At Harvard University; ‘Software is not secure when it has defects or flaws which can be exploited by hackers to cause attacks such as unauthorized intrusion or denial of service attacks. Any public announcement about a software defect is termed as ‘vulnerability disclosure’.
The Adobe Priority And Severity Ratings System
All of the above vulnerabilities have been given a priority rating of 3, and a severity rating of critical. Adobe’s official web page offers insight into their priority and severity rating system, via which vulnerabilities are judged. The official scales are as follows; Source: https://helpx.adobe.com/security/severity-ratings.html Source: https://helpx.adobe.com/security/severity-ratings.html
Important Information For Users
Adobe has released software updates that address these issues. CQY of Topsec Alpha Team, Mat Powell of Trend Micro Zero Day Initiative, and Yongjun Liu of nsfocus security team have reported and worked on the issues to protect customers. Official information that will interest users of these software products is listed below. The latest information is as follows;
Adobe PremierePro 15.2 and earlier versions are affected (Windows and macOS) Adobe Photoshop 2020 21.2.9/2021 22.4.2 and earlier versions are affected (Windows and macOS) Adobe Prelude 10.0 and earlier versions are affected (Windows)
Adobe recommends that individual users immediately update all of the above software products to the latest version via the Creative Cloud desktop update mechanism. Users can also refer to the help Creative Cloud help page for installation and update tips. As for enterprise environments, Adobe recommends that IT administrators ‘can use the Admin Console to deploy Creative Cloud applications to end users’.
