Thursday, February 27, 2025
Follow us On Linkedin
HomeCyber AttackCritical Security Updates Released for Adobe Illustrator, Bridge, and Magento

Critical Security Updates Released for Adobe Illustrator, Bridge, and Magento

Cyber Attackcyber security

Published on

By Gurubaran
Adobe security updates

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Adobe released emergency security updates that resolve critical vulnerabilities with three of it’s most used products such as Adobe Illustrator, Bridge, and Magento commerce.

Adobe Illustrator – APSB20-20

Security updates fixed 5 critical vulnerabilities with Adobe Illustrator 2020 for Windows that allows attackers to execute arbitrary code with the context of the current user.

Illustrator versions 24.0.2  and  earlier  versions are affected and the issues fixed with version 24.1.2.

Adobe Bridge – APSB20-19

Adobe released security updates for Adobe Bridge that fixes multiple 14 critical and 3 important vulnerabilities. The flaws lead to arbitrary code execution and information disclosure.

Adobe Bridge 10.0.1 and earlier version are affected, fixed with Adobe Bridge 10.0.4.

Magento – APSB20-22

The updates also cover Magento Commerce and Open Source editions, 6 critical, 4 important, and 3 moderate vulnerabilities fixed. Successful exploitation of the vulnerabilities leads to arbitrary code execution.

Affected Versions

ProductVersionPlatform
Magento Commerce 2.3.4 and earlier versions    All
Magento Open Source   2.3.4 and earlier versions    All
Magento Commerce 2.2.11 and earlier versions (see note)All
Magento Open Source  2.2.11 and earlier versions (see note)All
Magento Enterprise Edition    1.14.4.4 and earlier versions    All
Magento Community Edition   1.9.4.4 and earlier versions    All

Fixed Versions

ProductVersionPlatformPriority RatingAvailability
Magento Commerce    2.3.4-p2All22.3.4-p2 Commerce
Magento Open Source    2.3.4-p2All22.3.4-p2 Open Source
Magento Commerce    2.3.5-p1All22.3.5 Commerce
Magento Open Source    2.3.5-p1All22.3.5 Open Source
Magento Enterprise Edition    1.14.4.5All21.14.4.5
Magento Community Edition    1.9.4.5All21.9.4.5

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

Related Read

Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader

Adobe Released Security Updates & Fixed 43 Vulnerabilities in Acrobat Reader, Adobe Flash & More

Adobe Releases Security Updates that Fixes Critical Vulnerabilities with Photoshop CC and Digital Editions

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

APT

Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver...
APT

Ghostwriter Malware Targets Government Organizations with Weaponized XLS File

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group...
cyber security

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its...
cyber security

Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications

Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

APT

Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver...
APT

Ghostwriter Malware Targets Government Organizations with Weaponized XLS File

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group...
cyber security

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved