adobe: If you use Photoshop, Lightroom or these Adobe apps, you are under ‘high’ risk – Times of India
The Indian Computer Emergency Response Team under the IT ministry has issued a new warning for Adobe apps users. The high severity warning is for users of Adobe Photoshop, Premiere Pro, Lightroom, Premiere Rush, After Effects, Dimension, Experience Manager, Media Encoder, Connect and Audition. As per the warning, multiple vulnerabilities have been reported in Adobe products which can be exploited by someone to escalate privileges, perform
remote code execution, cross-site scripting, data manipulation, execute arbitrary code, cause memory leak, security restriction bypass, information disclosure, and denial of service on the targeted system.
The warning further reveals that these vulnerabilities exist in Adobe products due to use-after-free flaw, out-of-bounds read, buffer overflow, improper restriction of XML external entity reference (XXE), improper validation of user-supplied input, access of memory location after end of buffer, out-of-bounds write error, access of uninitialized pointer and NULL pointer dereference.
To avoid the exploitation, users should update the Adobe app on their devices. The Indian Computer Emergency Response Team’s official website has links that can guide you to the update pages for the above mentioned apps. Here are the exact versions of the apps that are under risk.
remote code execution, cross-site scripting, data manipulation, execute arbitrary code, cause memory leak, security restriction bypass, information disclosure, and denial of service on the targeted system.
The warning further reveals that these vulnerabilities exist in Adobe products due to use-after-free flaw, out-of-bounds read, buffer overflow, improper restriction of XML external entity reference (XXE), improper validation of user-supplied input, access of memory location after end of buffer, out-of-bounds write error, access of uninitialized pointer and NULL pointer dereference.
To avoid the exploitation, users should update the Adobe app on their devices. The Indian Computer Emergency Response Team’s official website has links that can guide you to the update pages for the above mentioned apps. Here are the exact versions of the apps that are under risk.
- Adobe Premiere Rush version 1.5.16 and prior for Windows
- Adobe Experience Manager (AEM) version AM Cloud Service (CS) and prior for all
- Adobe Experience Manager (AEM) version 6.5.10.0 and prior for all
- Adobe Connect version 11.3 and prior for all
- Photoshop 2021 version. 22.5.3 and prior for Windows and macOS
- Photoshop 2022 version 23.0.2 and prior for Windows and macOS
- Adobe Prelude version 22.0 and prior for Windows
- Adobe After Effects version 22.0 and prior for Windows and macOS
- Adobe After Effects version 18.4.2 and prior for Windows and macOS
- Adobe Dimension version 3.4.3 and prior for Windows and macOS
- Adobe Premiere Pro version 22.0 and prior for Windows and macOS
- Adobe Premiere Pro version 15.4.2 and prior for Windows and macOS
- Adobe Media Encoder version 22.0 and prior for Windows and macOS
- Adobe Media Encoder version 15.4.2 and prior for Windows and macOS
- Lightroom version 4.4 and prior for Windows
- Adobe Audition version 22.0 and prior for Windows and macOS
- Adobe Audition version 14.4 and prior for Windows and macOS
Apart from this, the CERT-In has also issued a warning for users of Android 9, Android 10, Android 11 and Android 12. As per the warning, multiple vulnerabilities have been reported in the operating system which can be exploited by someone to execute arbitrary code, obtain sensitive information and gain elevated privileges on the targeted system.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
