Adobe patches 254 security flaws in Acrobat, AEM, Magento & more
In its latest security bulletin, Adobe has rolled out a massive security update, fixing over 200 vulnerabilities across its popular platforms, including Acrobat, Reader, AEM, InDesign, and Magento. This update is a significant move by the company to ensure the security and integrity of its products, which are widely used by individuals and businesses worldwide.
According to the security bulletin, Adobe has addressed a total of 254 security flaws, of which 189 are classified as critical. These vulnerabilities could have allowed attackers to take control of affected systems, steal sensitive data, or disrupt business operations. While Adobe has confirmed that none of these flaws are currently under active attack, it is still essential for users and businesses to apply these updates immediately to minimize the risk of exploitation.
The affected products and their corresponding vulnerabilities are:
- Acrobat and Reader: Adobe has fixed 83 vulnerabilities in its Acrobat and Reader products, including several critical flaws that could have allowed attackers to execute arbitrary code or access sensitive information.
- AEM: Adobe Experience Manager (AEM) is a popular platform for building and managing digital experiences. Adobe has addressed 55 vulnerabilities in AEM, including several critical flaws that could have allowed attackers to take control of the system or steal sensitive data.
- InDesign: Adobe InDesign is a popular desktop publishing software used by designers, artists, and publishers. Adobe has fixed 14 vulnerabilities in InDesign, including several critical flaws that could have allowed attackers to execute arbitrary code or access sensitive information.
- Magento: Adobe Magento is a popular e-commerce platform used by businesses worldwide. Adobe has addressed 20 vulnerabilities in Magento, including several critical flaws that could have allowed attackers to take control of the system or steal sensitive data.
The vulnerabilities addressed in this update are varied, including:
- Memory corruption vulnerabilities
- Buffer overflow vulnerabilities
- Improper input validation vulnerabilities
- Cross-site scripting (XSS) vulnerabilities
- Cross-site request forgery (CSRF) vulnerabilities
- Arbitrary code execution vulnerabilities
- Authentication bypass vulnerabilities
While Adobe has confirmed that none of these flaws are currently under active attack, it is still essential for users and businesses to apply these updates immediately to minimize the risk of exploitation. Failure to do so could result in serious consequences, including data breaches, system compromise, or reputational damage.
To apply these updates, users and businesses can follow these steps:
- Check for updates: Users and businesses can check for updates by visiting the Adobe website and clicking on the “Download” button for the affected product.
- Download and install updates: Once the update is downloaded, users and businesses should install it as soon as possible to ensure the security and integrity of their systems.
- Monitor for signs of exploitation: After installing the update, users and businesses should monitor their systems for signs of exploitation, including unusual network activity, system crashes, or data breaches.
In conclusion, Adobe’s latest security update is a significant move to ensure the security and integrity of its popular platforms, including Acrobat, Reader, AEM, InDesign, and Magento. While none of the vulnerabilities are currently under active attack, users and businesses should apply these updates immediately to minimize the risk of exploitation and protect their systems and data.
Source:
https://geekflare.com/news/adobe-fixes-200-security-flaws-in-acrobat-aem-indesign-magento/
