Saturday, January 23, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Adobe fixes critical code execution vulnerabilities in 2021’s first major patch round

January 13, 2021
in Internet Security
Adobe fixes critical code execution vulnerabilities in 2021’s first major patch round
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Adobe’s first major batch of security updates in 2021 resolves seven critical bugs that can lead to code execution. 

On Tuesday, the tech giant released separate security advisories describing the vulnerabilities now resolved in seven products. The impacted software is Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate, and Campaign Classic. 

You might also like

As Bitcoin price surges, DDoS extortion gangs return in force

Hackers publish thousands of files after government agency refuses to pay ransom

Windows RDP servers are being abused to amplify DDoS attacks

The first security fix has been applied to the Photoshop image creation software on Windows and macOS machines. Tracked as CVE-2021-21006, the critical heap-based buffer overflow bug can be abused to trigger arbitrary code execution.  

Adobe Illustrator, on Windows PCs, is the subject of the firm’s second patch. The critical bug, CVE-2021-21007, is described as an uncontrolled search path element error that can also lead to code execution. 

The third critical problem, discovered in Adobe Animate on Windows machines, is the same kind of security flaw resulting in the same consequences. This vulnerability is tracked as CVE-2021-21008. 

Adobe Bridge, used to port and switch content between different forms of creative software — such as between Photoshop and Lightroom — is subject to a fix for CVE-2021-21012 and CVE-2021-21013, critical out-of-bounds write flaws leading to arbitrary code execution. 

Another uncontrolled search path element vulnerability was found in Adobe InCopy, tracked as CVE-2021-21010. This critical bug can also be weaponized for malicious code execution. 

In Adobe Campaign Classic, on Windows and Linux PCs, the company has tackled CVE-2021-21009, a critical server-side request forgery (SSRF) flaw that can be exploited for the purpose of sensitive information disclosure. 

A hotfix has also been issued for CVE-2021-21011, an uncontrolled search path element bug, deemed “important,” that was found in Windows-based versions of Adobe Captivate. If exploited, the vulnerability can lead to privilege escalation. 

It is recommended that users accept automatic updates where appropriate to update their builds and stay protected. 

Adobe thanked researchers from the nsfocus security team, Qihoo 360 CERT, Decathlon, Trend Micro’s Zero Day Initiative, and both Jamie Parfet and Saurabh Kumar for reporting the issues now resolved in the patch round. 

In December’s security update, the tech giant patched critical vulnerabilities in Adobe Lightroom, Prelude, and Experience Manager. 

Earlier this week, Adobe warned that the company has started to block Flash content worldwide in a bid to urge users to uninstall the software. 

While Flash was once a popular method to display animated content, the software is known for being riddled with security holes. As software best left as an artifact of 2000s website development, the company will no longer issue security fixes or updates. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

Next Post

Global Artificial Intelligence & Advanced Machine Learning Market Outlook Industry Analysis, Size, Share, Growth, Trends and Forecast, 2025

Related Posts

As Bitcoin price surges, DDoS extortion gangs return in force
Internet Security

As Bitcoin price surges, DDoS extortion gangs return in force

January 23, 2021
Ransomware victims aren’t reporting attacks to police. That’s causing a big problem
Internet Security

Hackers publish thousands of files after government agency refuses to pay ransom

January 22, 2021
Windows RDP servers are being abused to amplify DDoS attacks
Internet Security

Windows RDP servers are being abused to amplify DDoS attacks

January 22, 2021
Singapore widens security labelling to include all consumer IoT devices
Internet Security

Singapore widens security labelling to include all consumer IoT devices

January 22, 2021
QNAP warns users of a new crypto-miner named Dovecat infecting their devices
Internet Security

QNAP warns users of a new crypto-miner named Dovecat infecting their devices

January 22, 2021
Next Post
Global Artificial Intelligence & Advanced Machine Learning Market Outlook Industry Analysis, Size, Share, Growth, Trends and Forecast, 2025

Global Artificial Intelligence & Advanced Machine Learning Market Outlook Industry Analysis, Size, Share, Growth, Trends and Forecast, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

As Bitcoin price surges, DDoS extortion gangs return in force
Internet Security

As Bitcoin price surges, DDoS extortion gangs return in force

January 23, 2021
Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account
Internet Privacy

Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account

January 23, 2021
Red Kill Switch for AI Autonomous Systems May Not be a Life Saver
Artificial Intelligence

Red Kill Switch for AI Autonomous Systems May Not be a Life Saver

January 22, 2021
Fairness in Machine Learning Predictions – Web Hosting | Cloud Computing | Datacenter
Machine Learning

Fairness in Machine Learning Predictions – Web Hosting | Cloud Computing | Datacenter

January 22, 2021
Ransomware victims aren’t reporting attacks to police. That’s causing a big problem
Internet Security

Hackers publish thousands of files after government agency refuses to pay ransom

January 22, 2021
Missing Link in a ‘Zero Trust’ Security Model—The Device You’re Connecting With!
Internet Privacy

Missing Link in a ‘Zero Trust’ Security Model—The Device You’re Connecting With!

January 22, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • As Bitcoin price surges, DDoS extortion gangs return in force January 23, 2021
  • Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account January 23, 2021
  • Red Kill Switch for AI Autonomous Systems May Not be a Life Saver January 22, 2021
  • Fairness in Machine Learning Predictions – Web Hosting | Cloud Computing | Datacenter January 22, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates