Adobe Monthly Security Update (April 2023)
Release Date: 12 Apr 2023
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Digital Editions |  Medium Risk | Remote Code Execution | APSB23-04 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB23-13 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Elevation of Privilege Information Disclosure Security Restriction Bypass | APSB23-24 | |
| Adobe Substance 3D Stager | Medium Risk | Remote Code Execution Information Disclosure | APSB23-26 | |
| Adobe Dimension | Medium Risk | Remote Code Execution Information Disclosure | APSB23-27 | |
| Adobe Substance 3D Designer | Medium Risk | Remote Code Execution | APSB23-28 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 6
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Elevation of Privilege
- Information Disclosure
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Adobe Digital Editions 4.5.11.187303 and earlier versions
- Adobe InCopy 18.1 and earlier versions
- Adobe InCopy 17.4 and earlier versions
- Acrobat DC 23.001.20093 and earlier versions
- Acrobat Reader DC 23.001.20093 and earlier versions
- Acrobat 2020 20.005.30441 and earlier versions
- Acrobat Reader 2020 20.005.30441 and earlier versions
- Adobe Substance 3D Stager 2.0.1 and earlier versions
- Adobe Dimension 3.4.8 and earlier versions
- Adobe Substance 3D Designer 12.4.0 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言