Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update.
The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions.
Upon successful exploitation, both critical vulnerabilities could allow an attacker to achieve arbitrary code execution in the context of the current user and take control of an affected system.
However, the good news is that the company found no evidence of any exploits in the wild for these security issues, Adobe said.
The vulnerability in Adobe Photoshop CC, discovered by Trend Micro Zero Day Initiative and assigned CVE-2019-7094, is a heap corruption issue which affects Photoshop CC 19.1.7 and earlier 19.x versions as well as Photoshop CC 20.0.2 and earlier 20.x versions for Microsoft Windows and Apple macOS operating systems.
Users are recommended to update their software to Adobe Photoshop CC version 19.1.8 and Photoshop CC version 20.0.4 for Windows and macOS.
The other critical vulnerability, assigned as CVE-2019-7095, resides in the company’s ebook reader software program, Adobe Digital Edition, is a heap overflow flaw that affects versions 184.108.40.206749 and below for Microsoft Windows operating system.
Users are advised to update their software to Adobe Digital Edition version 220.127.116.11048.
images from Hacker News