Skip to main content

Adobe Updates Some Of Their Products Due To Critical Issues

By September 14, 2020May 5th, 2022Technology News

Adobe continues to have problems associated with JavaScript.

As a consequence, they have released new patches for Experience Manager, InDesign, and Framemaker.

Of these, the patch for Experience Manager is the largest, and addresses a total of five critical vulnerabilities, tracked as:

  • CVE-2020-9732
  • CVE-2020-9734
  • CVE-2020-9740
  • CVE-2020-9741
  • CVE-2020-9742

Each of these bugs, can, if left unpatched, lead to arbitrary JavaScript execution in the browser.

In addition, the latest Experience Manager patch addresses six other issues deemed serious, including one that is described as an “execution with unnecessary privileges” that can lead to information disclosure.

If you’re running Experience Manager,, and earlier, or version 6.2 SP1-CFP20 and earlier, then your system is vulnerable.

The patch for InDesign addresses a total of five vulnerabilities, all described as memory corruption flaws, and are tracked as:

  • CVE-2020-9727
  • CVE-2020-9728
  • CVE-2020-9729
  • CVE-2020-9730
  • CVE-2020-9731

These flaws impact InDesign versions 15.11 and below.

Finally, the Framemaker patch addresses two critical security vulnerabilities, tracked as CVE-2020-9726, and CVE-2020-9725. Both of these, if exploited, impact all supported versions of the program.

The company has stressed that none of the flaws addressed in their most recent product patches are currently being used in the wilds, but if you use any of the products listed above, you should make installing the latest patches a priority in order to minimize your risk. After all, it’s just a matter of time.

Kudos to Adobe for their fast action on addressing these flaws, but here’s hoping the company can finally get their arms around the issues they’ve been having with their product line soon. The last patch the company released for their popular Acrobat reader addressed 26 bugs of serious or critical importance, and of course, their beleaguered Flash Player has caused no end of trouble for the company and the folks who rely on it.

In any case, these are important patches, and if you use the software mentioned above, they deserve priority.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.