Adobe fixes Critical vulnerabilities in Photoshop, Bridge and other products

Adobe has patched Critical vulnerabilities in Photoshop, Bridge, Digital Editions and RoboHelp.

An attacker could exploit these vulnerabilities and potentially take over impacted systems.

Adobe Photoshop

The Adobe Photoshop security update (APSB21-28) addresses two Critical buffer overflow vulnerabilities CVE-2021-28548 and CVE-2021-28549.

Adobe warned that a successful exploitation could lead to arbitrary code execution in the context of the current user.           

Adobe Bridge

The Adobe Bridge security update (APSB21-23) addresses four Critical vulnerabilities:

• CVE-2021-21093 and CVE-2021-21092: Memory corruption
• CVE-2021-21094 and CVE-2021-21095: Out-of-bounds write.

Adobe warned that a successful exploitation could lead to arbitrary code execution in the context of the current user.           

Moreover, the security update also fixed two Important vulnerabilities that could result in privilege escalation of information disclosure.

Adobe Digital Editions 

The Adobe Digital Editions security update (APSB21-26) addresses one Critical privilege escalation vulnerability CVE-2021-21100.

Adobe warned that a successful exploitation could lead to arbitrary file system write.

Adobe RoboHelp

Finally, the Adobe RoboHelp security update (APSB21-20) addresses one Critical vulnerability CVE-2021-21070 that could lead to privilege escalation if exploited.

Readers can also check out the Adobe Product Security page for more details on all of the latest Adobe security updates.

• Microsoft April 2021 Security Updates, includes fixes for Critical Exchange Server vulnerabilities
• Adobe releases security updates for Adobe Acrobat and Reader, other products (CVE-2021-21017 exploited in wild)
• Chrome security update (89.0.4389.128) fixes 2 zero-days exploited in the wild