Adobe Patch Two Critical Code Execution Bugs A Week After Patch Tuesday

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

Last week, Adobe released its monthly Patch Tuesday updates addressing different bugs. But it seems their work wasn’t over as they now have rolled out more patches. Recently, Adobe have fixed two critical bugs in different products that could lead to code execution.

Two Critical Bugs In Adobe Products

Among the two critical code execution bugs disclose recently, the first one affects Adobe After Effects.

As revealed through their advisory, a critical out-of-bounds write vulnerability existed in Adobe After Effects for Windows. Upon an exploit, the bug, CVE-2020-3765, could allow an attacker to execute arbitrary codes on target systems.

Similarly, the other vulnerability, CVE-2020-3764, affected the Adobe Media Encoder for Windows. It was also an out-of-bounds write vulnerability with a critical severity rating that could lead to arbitrary code execution.

Both vulnerabilities caught the attention of researchers from Trend Micro Zero Day Initiative who then reported the flaws to Adobe. Adobe has acknowledged the researchers Matt Powell and Francis Provencher for reporting the respective flaws.

Patches Released, Update Now

The vulnerability CVE-2020-3765 affected all Adobe After Effects versions until 16.1.2. Consequently, Adobe has patched the bug in the software version 17.0.3 for both Windows and macOS.

Similarly, the bug CVE-2020-3764 impacted Adobe Media Encoder version 14.0 and earlier. The vendors fixed the flaw with the release of AME version 14.0.2 for both macOS and Windows.

Although, Adobe hasn’t mentioned any exploitation of the two critical bugs in the wild. Yet, considering the severity of the bugs, the users must ensure that their devices are running the latest patched versions to prevent potential exploitation.

Last week, Adobe rolled out its scheduled Patch Tuesday for February addressing multiple critical vulnerabilities in Adobe Framemaker, Adobe Acrobat and Reader, Adobe Flash Player, Adobe Digital Editions. Besides, they also fixed an important vulnerability in Adobe Experience Manager.

Let us know your thoughts in the comments.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!