{"id":8427,"date":"2021-10-29T12:26:32","date_gmt":"2021-10-29T19:26:32","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8427"},"modified":"2023-03-03T14:21:22","modified_gmt":"2023-03-03T21:21:22","slug":"october-adobe-patches-102-security-vulnerabilities","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/october-adobe-patches-102-security-vulnerabilities\/","title":{"rendered":"October 2021: Adobe Patches 102 Security Vulnerabilities"},"content":{"rendered":"
Adobe released a series of patches that address 102 flaws in 20 of its products, including Adobe Acrobat and Reader, Premiere Pro, InCopy, and other Adobe products. We analyzed these weaknesses and highlighted the most important vulnerabilities that ought to be fixed on priority.<\/p>\n
<\/p>\n
In this monthly rollout, 102 security vulnerabilities have been addressed –<\/p>\n
67 CVEs are classified as Arbitrary Code Execution bugs<\/p>\n<\/li>\n
6 CVEs with Privilege Escalation capabilities<\/p>\n<\/li>\n
1 CVEs are linked to Arbitrary file system write\/read<\/p>\n<\/li>\n
22 CVEs have Denial of Service capabilities.<\/p>\n<\/li>\n<\/ul>\n
<\/p>\n
None of the bugs fixed this month by Adobe are listed as publicly known or under active attack at the time of release.<\/p>\n
<\/p>\n
Adobe After Effects, Animate, and Bridge received fixes for 9 critical vulnerabilities.<\/p>\n<\/li>\n
Audition received fixes for 6 critical vulnerabilities.<\/p>\n<\/li>\n
Premiere Pro and Character Animator received fixes for 3 critical vulnerabilities.<\/p>\n<\/li>\n
Media Encoder received fixes for 4 critical vulnerabilities.<\/p>\n<\/li>\n
Adobe Illustrator, InDesign, and Photoshop received fixes for 2 critical vulnerabilities each.<\/p>\n<\/li>\n<\/ul>\n
<\/p>\n
Patches are tagged Priority 2<\/a> for Adobe Acrobat and Reader, Connect, Adobe Ops-CLI, Adobe Commerce, Adobe Campaign Standard, Adobe Lightroom Classic, Acrobat and Reader for Android and Adobe XMP Toolkit SDK, while the remaining are labeled as Priority 3.<\/a><\/p>\n <\/p>\n When analyzed based on CWE classification, we found 48% of CVEs are categorized under the 2021 CWE Top 25 Most Dangerous Software Weaknesses<\/a>, making the fixes the highest priority for this month.<\/p>\n <\/p>\nCWE Analysis<\/strong><\/h2>\n