Adobe has released its Patch Tuesday’s set of updates for August 2019.
It includes fixes for 118 vulnerabilities in a list of Adobe’s products such as After Effects, Character Animator, Premiere Pro, Prelude, Creative Cloud, Acrobat and Reader, Experience Manager, and Photoshop products. The company believes that none of the discovered vulnerabilities were exploited in the wild as no such evidence was found.
Adobe Published Several Security Bulletins in Patch Tuesday August 2019
In a blog post, the company says that it has published security bulletins for Adobe After Effects CC (APSB19-31), Adobe Character Animator CC (APSB19-32), Adobe Premiere Pro CC (APSB19-33), Adobe Prelude CC (APSB19-35), Adobe Creative Cloud Desktop Application (APSB19-39), Adobe Acrobat and Reader (APSB19-41), Adobe Experience Manager (APSB19-42) and Adobe Photoshop CC (APSB19-44).
The highest number of vulnerabilities (75) was fixed in Adobe Acrobat and Reader for both Windows and macOS. Most of these issues are related to memory corruption that could lead to arbitrary code execution and information disclosure. The good news is that all of the flaws are rated important and unlikely to be exploited in actual attacks.
Other 34 vulnerabilities, including several critical out-of-bounds write, type confusion, heap overflow and command injection issues were fixed in Photoshop CC, again for both Windows and macOS. The flaws allow for arbitrary code execution in the context of the current user, but again, their exploitation is not that likely.
Additional four vulnerabilities were addressed in the Creative Cloud Desktop Application for Windows and macOS, two of which are critical as they enable privilege escalation and arbitrary code execution.
Finally, five vulnerabilities were fixed in in each of the following products – Effects, Character Animation, Premiere Pro CC, Prelude CC and Experience Manager (AEM), Adobe fixed five vulnerabilities. Users should update their products as soon as possible to avoid any related issues by following the corresponding security bulletins.