Skip to main content

Popular Adobe Programs Currently Have Many Security Issues

By August 24, 2020May 5th, 2022Cybersecurity

If you have Adobe Acrobat Reader or Lightroom installed on your computer, then you’ll definitely want to grab and install the latest security patch from the company, which addresses a whopping twenty-six serious security vulnerabilities.

Eleven of the issues addressed are rated as “Critical” given that they allow an attacker to bypass security features on your PC or perform remote code execution.

Of these, twenty-five of the issues addressed are in Acrobat Reader and one is in Lightroom.

Here’s a quick overview of the Reader issues that can now be resolved:

  • CVE-2020-9697 – Memory leak that could disclose sensitive data
  • CVE-2020-9714 – Privilege escalation and security bypass
  • CVE-2020-9693 & CVE-2020-9694 – Arbitrary code execution, out of bounds write
  • CVE-2020-9702 & CVE-2020-9703 – App DOS and stack exhaustion
  • CVE-2020-9696 & CVE-20209712 – Security bypasses
  • CVE-2020-9723, along with:
    • CVE-2020-9705
    • CVE-20209706
    • CVE-2020-9707
    • CVE-2020-9710
    • CVE-2020-9716
    • CVE-2020-9717
    • CVE-2020-9718
    • CVE-2020-9719
    • CVE-2020-9720
    • CVE-2020-9721 – Information disclosures and out of bounds reads
  • CVE-2020-9698, as well as:
    • CVE-2020-9699
    • CVE-2020-9700
    • CVE-2020-9701
    • & CVE-2020-9704 – Which are arbitrary code execution issues that exploit buffer errors
  • CVE-2020-9715 & CVE-2020-9722 – Arbitrary code execution errors that exploit use after free issues

On the Lightroom front, the issue being addressed by the most recent patch is tracked as CVE-2020-9724, which is a privacy escalation issue taking advantage of an insecure library load.

In any case, even if you’re prone to letting updates go for some time before you download and install them, the latest by Adobe is well worth making a priority. To be sure you’re installing the very latest, grab version 9.3 of Lightroom or the APSB20-51 security update, and for Acrobat Reader, you want the APSB20-48 security update.

Kudos to Adobe for tackling so many thorny issues with these latest patches. Download and install them today.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.