Adobe Photoshop Should Be Updated To Address Security Issues
Do you use Adobe Photoshop, Bridge, or Prelude? If so, and even if you’re not normally quick to apply security patches issued by the company, you’ll want to give the most recent patch from Adobe priority.
The company’s most recent patch addresses an even dozen critical security flaws that could allow an attacker to execute arbitrary code on Windows machines.
On top of that, the latest patch fixes an issue with Adobe Reader Mobile for Android users that fixes an information disclosure bug.
Here’s a quick summary:
The version of Adobe Bridge you want to install is 10.1.1, which addresses the issues tracked as:
- CVE-2020-9675 (Out of Bounds Read)
- CVE-2020-9674 (Out of Bounds Write)
- CVE-2020-9676 (Out of Bounds Write)
For Adobe Photoshop, grab version CC 2019.20.0.10 or CC 21.2.1, both of which address the issues tracked as:
- CVE-2020-9683 (Out of Bounds Read)
- CVE-2020-9686 (Out of Bounds Read)
- CVE-2020-9684 (Out of Bounds Write)
- CVE-2020-9685 (Out of Bounds Write)
- CVE-2020-9687 (Out of Bounds Write)
Finally, if you’re an Adobe Reader Mobile user with an Android device, the version you want to install is Adobe Reader Mobile 20.3, which addresses the issue tracked as CVE-2020-9663.
If there’s a silver lining to the issues addressed by these patches it is in the fact that if the user has standard privileges on a Windows-based machine, the risks addressed by these patches will be significantly reduced.
Even so, that’s not something that holds true for everyone. Even if you’re not in the habit of installing security patches right away, you’ll definitely want to make an exception for these.
Eric is a Business IT cybersecurity advisor, consultant, manager, integrator, and protector who founded EVERNET in 2007. Eric co-hosts a podcast called “Finance and Technology Insights by Brian & Eric” on YouTube. Eric is a regular contributor to the EVERNET blog, writing about the latest technology news and providing his expertise in cyber security prevention and management. Meet with our CEO and say goodbye to one-size-fits-all IT support and cybersecurity.