Adobe Monthly Security Update (November 2024)
Release Date: 13 Nov 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Bridge |  Medium Risk | Information Disclosure Denial of Service | APSB24-77 | |
| Adobe Audition | Medium Risk | Information Disclosure | APSB24-83 | |
| Adobe After Effects | Medium Risk | Remote Code Execution Information Disclosure | APSB24-85 | |
| Substance 3D Painter | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB24-86 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB24-87 | |
| Adobe InDesign | Medium Risk | Remote Code Execution Information Disclosure | APSB24-88 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB24-89 | |
| Adobe Commerce | Medium Risk | Remote Code Execution | APSB24-90 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 8
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Information Disclosure
- Denial of Service
System / Technologies affected
- Adobe Bridge 13.0.9 and earlier versions
- Adobe Bridge 14.1.2 and earlier versions
- Adobe Audition 24.4.6 and earlier versions
- Adobe Audition 23.6.9 and earlier versions
- Adobe After Effects 24.6.2 and earlier versions
- Adobe After Effects 23.6.9 and earlier versions
- Adobe Substance 3D Painter 10.1.0 and earlier versions
- Illustrator 2024 28.7.1 and earlier versions
- Adobe InDesign ID19.5 and earlier versions
- Adobe InDesign ID18.5.3 and earlier versions
- Adobe InDesign ID18.5.2 and earlier versions
- Photoshop 2023 24.7.3 and earlier versions
- Photoshop 2024 25.11 and earlier versions
- Adobe Commerce and Magento Open Source powered by Commerce Services and deployed as SaaS (software as a service). (Commerce Services Connector) 3.2.5 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.
沒有留言:
發佈留言