Monday, February 17, 2025
Follow us On Linkedin
HomeCyber AttackCritical Security Updates Released for Adobe Illustrator, Bridge, and Magento

Critical Security Updates Released for Adobe Illustrator, Bridge, and Magento

Cyber Attackcyber security

Published on

By Gurubaran
Adobe security updates

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Adobe released emergency security updates that resolve critical vulnerabilities with three of it’s most used products such as Adobe Illustrator, Bridge, and Magento commerce.

Adobe Illustrator – APSB20-20

Security updates fixed 5 critical vulnerabilities with Adobe Illustrator 2020 for Windows that allows attackers to execute arbitrary code with the context of the current user.

Illustrator versions 24.0.2  and  earlier  versions are affected and the issues fixed with version 24.1.2.

Adobe Bridge – APSB20-19

Adobe released security updates for Adobe Bridge that fixes multiple 14 critical and 3 important vulnerabilities. The flaws lead to arbitrary code execution and information disclosure.

Adobe Bridge 10.0.1 and earlier version are affected, fixed with Adobe Bridge 10.0.4.

Magento – APSB20-22

The updates also cover Magento Commerce and Open Source editions, 6 critical, 4 important, and 3 moderate vulnerabilities fixed. Successful exploitation of the vulnerabilities leads to arbitrary code execution.

Affected Versions

ProductVersionPlatform
Magento Commerce 2.3.4 and earlier versions    All
Magento Open Source   2.3.4 and earlier versions    All
Magento Commerce 2.2.11 and earlier versions (see note)All
Magento Open Source  2.2.11 and earlier versions (see note)All
Magento Enterprise Edition    1.14.4.4 and earlier versions    All
Magento Community Edition   1.9.4.4 and earlier versions    All

Fixed Versions

ProductVersionPlatformPriority RatingAvailability
Magento Commerce    2.3.4-p2All22.3.4-p2 Commerce
Magento Open Source    2.3.4-p2All22.3.4-p2 Open Source
Magento Commerce    2.3.5-p1All22.3.5 Commerce
Magento Open Source    2.3.5-p1All22.3.5 Open Source
Magento Enterprise Edition    1.14.4.5All21.14.4.5
Magento Community Edition    1.9.4.5All21.9.4.5

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

Related Read

Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader

Adobe Released Security Updates & Fixed 43 Vulnerabilities in Acrobat Reader, Adobe Flash & More

Adobe Releases Security Updates that Fixes Critical Vulnerabilities with Photoshop CC and Digital Editions

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Ransomware Gangs Encrypt Systems 17 Hours After Initial Infection

Ransomware gangs are accelerating their operations, with the average time-to-ransom (TTR), the period between...
Cyber Security News

Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers

Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable...
CVE/vulnerability

Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB

A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered,...
Cyber Security News

New XCSSET Malware Targets macOS Users Through Infected Xcode Projects

Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

cyber security

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...
cyber security

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...
cyber security

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved