Adobe Security Update for Premiere Pro, InDesign & Bridge
.webp "Adobe Safety Exchange for Premiere Pro, InDesign & Bridge")
Adobe has released predominant security updates for its broadly-feeble tool merchandise: Premiere Pro, InDesign, and Bridge.
The updates, identified as APSB24-46, APSB24-forty eight, and APSB24-51, respectively, had been in the starting keep posted and remaining up to this point on July 9, 2024.
These updates plan to address several vulnerabilities that may per chance per chance per chance doubtlessly be exploited by malicious actors, posing predominant risks to users’ info and machine integrity.
Most recent Product Safety Updates
Vital Vulnerability in Adobe Premiere Pro
Adobe has released updates for Adobe Premiere Pro for Home windows and macOS to address a extreme vulnerability. Worthwhile exploitation of this vulnerability may per chance per chance per chance lead to arbitrary code execution.
Affected Variations
| Product | Version | Platform |
|---|---|---|
| Adobe Premiere Pro | 24.4.1 and earlier | Home windows, macOS |
| Adobe Premiere Pro | 23.6.5 and earlier | Home windows, macOS |
Vulnerability Puny print
| Vulnerability Category | Vulnerability Affect | Severity | CVSS putrid score | CVE Numbers |
|---|---|---|---|---|
| Untrusted Search Course (CWE-426) | Arbitrary code execution | Vital | 7.0 | CVE-2024-34123 |
Vital Vulnerabilities in Adobe InDesign
Adobe has released a predominant security replace for InDesign, addressing several extreme vulnerabilities that, if successfully exploited, may per chance per chance per chance doubtlessly lead to arbitrary code execution.
Affected Variations
| Product | Affected version | Platform |
| Adobe InDesign | ID19.3 and earlier version. | Home windows and macOS |
| Adobe InDesign | ID18.5.2 and earlier version | Home windows and macOS |
Vulnerability Puny print
| Vulnerability Category | Vulnerability Affect | Severity | CVSS putrid score | CVE Number |
|---|---|---|---|---|
| Heap-primarily based Buffer Overflow (CWE-122) | Arbitrary code execution | Vital | 7.8 | CVE-2024-20781 |
| Out-of-bounds Write (CWE-787) | Arbitrary code execution | Vital | 7.8 | CVE-2024-20782 |
| Heap-primarily based Buffer Overflow (CWE-122) | Arbitrary code execution | Vital | 7.8 | CVE-2024-20783 |
| Heap-primarily based Buffer Overflow (CWE-122) | Arbitrary code execution | Vital | 7.8 | CVE-2024-20785 |
Vital Vulnerabilities in Adobe Bridge
Adobe has released a security replace for Adobe Bridge, addressing extreme vulnerabilities that may per chance per chance per chance lead to arbitrary code execution and memory leaks.
Affected Variations
| Product | Version | Platform |
|---|---|---|
| Adobe Bridge | 13.0.7 and earlier versions | Home windows and macOS |
| Adobe Bridge | 14.1 and earlier versions | Home windows and macOS |
Vulnerability Puny print
| Vulnerability Category | Vulnerability Affect | Severity | CVSS putrid score | CVE Numbers |
|---|---|---|---|---|
| Integer Overflow or Wraparound (CWE-190) | Arbitrary code execution | Vital | 7.8 | CVE-2024-34139 |
| Out-of-bounds Read (CWE-125) | Memory leak | Crucial | 5.5 | CVE-2024-34140 |
PSIRT’s Role in Safety
The Product Safety Incident Response Crew (PSIRT) at Adobe has performed a predominant role in enforcing the firm’s vulnerability disclosure program.
PSIRT gives a centralized level of contact for potentialities, companions, pen-testers, and security researchers to document security vulnerabilities in Adobe merchandise and services.
By encouraging the external security neighborhood to repeat security components privately, PSIRT minimizes risks to potentialities, Adobe’s infrastructure, and the logo.
This collaborative manner underscores Adobe’s commitment to placing forward the glorious security standards for its users.
Adobe Premiere Pro, InDesign, and Bridge users are strongly instantaneous to set up these updates without delay to safeguard their programs.
The security patches address vulnerabilities that, if left unpatched, would be exploited to earn arbitrary code, leading to doable info breaches or machine compromises.
Adobe’s latest product security updates present detailed info and steerage on the reported security components, guaranteeing users can take the predominant steps to present protection to their tool and info.
Users can focus on over with the legitimate Adobe security page for more info on the most fresh security updates and to direct Adobe of any security components.
Staying knowledgeable and proactive about tool updates is predominant in this day’s digital panorama, where security threats constantly evolve.
Source credit : cybersecuritynews.com
