Adobe Monthly Security Update (December 2024)
Release Date: 11 Dec 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Experience Manager |  Medium Risk | Remote Code Execution Cross-site Scripting Security Restriction Bypass | APSB24-69 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Denial of Service Information Disclosure | APSB24-92 | |
| Adobe Media Encoder | Medium Risk | Remote Code Execution Denial of Service | APSB24-93 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution | APSB24-94 | |
| Adobe After Effects | Medium Risk | Information Disclosure | APSB24-95 | |
| Adobe Animate | Medium Risk | Remote Code Execution | APSB24-96 | |
| Adobe InDesign | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB24-97 | |
| Adobe PDFL Software Development Kit (SDK) | Medium Risk | Remote Code Execution | APSB24-98 | |
| Adobe Connect | Medium Risk | Cross-site Scripting Remote Code Execution Elevation of Privilege Security Restriction Bypass | APSB24-99 | |
| Substance 3D Sampler | Medium Risk | Remote Code Execution | APSB24-100 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB24-101 | |
| Substance 3D Modeler | Medium Risk | Remote Code Execution Denial of Service | APSB24-102 | |
| Adobe Bridge | Medium Risk | Remote Code Execution | APSB24-103 | |
| Adobe Premiere Pro | Medium Risk | Remote Code Execution | APSB24-104 | |
| Substance 3D Painter | Medium Risk | Remote Code Execution | APSB24-105 | |
| Adobe FrameMaker | Medium Risk | Remote Code Execution | APSB24-106 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 16
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Cross-Site Scripting
- Security Restriction Bypass
- Denial of Service
- Information Disclosure
- Elevation of Privilege
System / Technologies affected
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.21 and earlier versions
- Acrobat DC 24.005.20307 and earlier versions
- Acrobat Reader DC 24.005.20307 and earlier versions
- Acrobat 2024 24.001.30213 and earlier versions
- Acrobat 2020 20.005.30730 and earlier versions
- Acrobat Reader 2020 20.005.30730 and earlier versions
- Adobe Media Encoder 24.6.3 and earlier versions
- Adobe Media Encoder 25.0 and earlier versions
- Illustrator 2025 29.0.0 and earlier versions
- Illustrator 2024 28.7.2 and earlier versions
- Adobe After Effects 24.6.2 and earlier versions
- Adobe After Effects 25.0.1 and earlier versions
- Adobe Animate 2023 23.0.8 and earlier versions
- Adobe Animate 2024 24.0.5 and earlier versions
- Adobe InDesign ID19.5 and earlier versions
- Adobe InDesign ID18.5.4 and earlier versions
- Adobe PDFL Software Development Kit (SDK) PDFL SDK 21.0.0.5 and earlier versions
- Adobe Connect 12.6 and earlier versions
- Adobe Connect 11.4.7 and earlier versions
- Adobe Substance 3D Sampler 4.5.1 and earlier versions
- Photoshop 2025 26.0 and earlier versions
- Adobe Substance 3D Modeler 1.14.1 and earlier versions
- Adobe Bridge 14.1.3 and earlier versions
- Adobe Bridge 15.0 and earlier versions
- Adobe Premiere Pro 25.0 and earlier versions
- Adobe Premiere Pro 24.6.3 and earlier versions
- Adobe Substance 3D Painter 10.1.1 and earlier versions
- Adobe FrameMaker 2020 Release Update 7 and earlier versions
- Adobe FrameMaker 2022 Release Update 5 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.
沒有留言:
發佈留言