Monday, April 19, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Adobe Experience Manager, InDesign, Framemaker receive fixes for critical bugs in new update

September 9, 2020
in Internet Security
Adobe Experience Manager, InDesign, Framemaker receive fixes for critical bugs in new update
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Adobe’s latest round of security updates fixes severe bugs in Experience Manager, InDesign, and Framemaker. 

The largest patch tackles Adobe Experience Manager (AEM) versions 6.5.5.0, 6.4.8.1, 6.3.3.8 and earlier, as well as 6.2 SP1-CFP20 and earlier. Versions of the AEM Forms add-on package Service Pack 5 and earlier are also affected. 

You might also like

Security crucial as 5G connects more industries, devices

Google releases Chrome 90 with HTTPS by default and security fixes

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

Five critical vulnerabilities, including reflected and stored cross-site scripting issues, have been resolved in AEM. The bugs are tracked as CVE-2020-9732, CVE-2020-9734, CVE-2020-9740, CVE-2020-9741, and CVE-2020-9742. 

Two of the security issues, CVE-2020-9732 and CVE-2020-9734, specifically relate to the Forms service pack. 

Each security flaw, if left unpatched, can lead to arbitrary JavaScript execution in the browser.

See also: Microsoft: We’re ending support for Adobe Flash, here’s how

Six other bugs, deemed important, have also been resolved in AEM. CVE-2020-9733 is described as an “execution with unnecessary privileges” issue that can lead to information disclosure if abused, whereas CVE-2020-9743 is a browser-based arbitrary HTML injection vulnerability. 

In addition, CVE-2020-9735, CVE-2020-9736, CVE-2020-9737, and CVE-2020-9738 are stored cross-site scripting security flaws that can lead to arbitrary JavaScript execution in a browser.

Adobe has also updated a range of software dependencies, including Handlebars.js, Lodash.js, Log4j, and Dom4j. 

In this month’s security round, the software giant has patched a total of five vulnerabilities in Adobe InDesign. The bugs, impacting versions 15.1.1 and below, “could lead to arbitrary code execution in the context of the current user,” according to Adobe. 

Each security issue — CVE-2020-9727, CVE-2020-9728, CVE-2020-9729, CVE-2020-9730, and CVE-2020-9731 — is described as a memory corruption flaw.

Adobe Framemaker, a document processor for large documents, has also received a security update. Two critical vulnerabilities, an out-of-bounds read and stack-based buffer overflow issue (CVE-2020-9726, CVE-2020-9725), could lead to arbitrary code execution if exploited. 

CNET: 5 online cybersecurity courses to help you become a pro and explore a new job

“While none of the vulnerabilities disclosed in Adobe’s release are known to be actively attacked today, all patches should be prioritized on systems with these products installed,” says Jimmy Graham, Senior Director of Product Management at Qualys. 

The tech giant thanked researchers from Trend Micro and Fortinet’s FortiGuard Labs for disclosing some of the security issues. 

Adobe’s last security patch, issued in September, tackled 26 critical and important bugs in Acrobat and Reader. In total, 11 could be used in remote code execution attack chains. 

TechRepublic: How SMBs are overcoming key challenges in cybersecurity

Adobe Flash has been a frequent entrant to security update lists for many years. Microsoft, Adobe, Apple, Facebook, Google, and Mozilla intend to end support for the software by the end of 2020, and earlier this week, Microsoft clarified its timeline for removing Flash support for Microsoft Edge and Internet Explorer 11. After this time, Adobe will also no longer issue security fixes for the software. 

In related news, Microsoft’s latest round of security fixes resolved 129 vulnerabilities across 15 products, including 20 critical remote code execution flaws. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

Next Post

Machine Learning in Medicine Market 2020-2025 : analysis examined in new market research report

Related Posts

Security crucial as 5G connects more industries, devices
Internet Security

Security crucial as 5G connects more industries, devices

April 17, 2021
Google releases Chrome 90 with HTTPS by default and security fixes
Internet Security

Google releases Chrome 90 with HTTPS by default and security fixes

April 17, 2021
SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

April 17, 2021
Google Project Zero testing 30-day grace period on bug details to boost user patching
Internet Security

Google Project Zero testing 30-day grace period on bug details to boost user patching

April 17, 2021
Cyberattack on UK university knocks out online learning, Teams and Zoom
Internet Security

Cyberattack on UK university knocks out online learning, Teams and Zoom

April 17, 2021
Next Post

Machine Learning in Medicine Market 2020-2025 : analysis examined in new market research report

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Machine Learning Helps Optimize Therapeutic Antibodies
Machine Learning

Machine Learning Helps Optimize Therapeutic Antibodies

April 18, 2021
Researchers at MIT DAI Lab Have Recently Built Cardea: A Machine Learning Framework That Turns Health Care Data Into Insights
Machine Learning

Researchers at MIT DAI Lab Have Recently Built Cardea: A Machine Learning Framework That Turns Health Care Data Into Insights

April 18, 2021
Automating Drug Discovery With Machine Learning
Machine Learning

Automating Drug Discovery With Machine Learning

April 18, 2021
Twitter aims to fight bias by examining its own machine learning algorithms
Machine Learning

Twitter aims to fight bias by examining its own machine learning algorithms

April 18, 2021
Make Machine Learning Interpretable with Shapash
Machine Learning

Make Machine Learning Interpretable with Shapash

April 18, 2021
Why the Patent Classification System Needs an Update
Machine Learning

Why the Patent Classification System Needs an Update

April 18, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Machine Learning Helps Optimize Therapeutic Antibodies April 18, 2021
  • Researchers at MIT DAI Lab Have Recently Built Cardea: A Machine Learning Framework That Turns Health Care Data Into Insights April 18, 2021
  • Automating Drug Discovery With Machine Learning April 18, 2021
  • Twitter aims to fight bias by examining its own machine learning algorithms April 18, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates