Software maker Adobe on Tuesday rolled out fixes for code execution flaws in the enterprise-facing Illustrator, Substance 3D Sampler and After Effects products.
As part of its scheduled batch of Patch Tuesday updates, Adobe documented at least 207 security vulnerabilities and warned users on both Windows and macOS systems of risk of code execution, memory leaks and denial-of-service attacks.
Here’s a snippet of the critical-severity issues:
- Adobe Substance 3D Sampler — This update addresses at least six (6)vulnerabilities that could lead to arbitrary code execution in the context of the current user. Affected software include Adobe Substance 3D Sampler 4.2.1 and earlier versions on all platforms.
- Adobe Illustrator — This update resolves three (3) critical vulnerabilities that could lead to arbitrary code execution and memory leaks. Affects Illustrator 2023 and Illustrator 2024 on both Windows and macOS platforms.
- Adobe After Effects — This update fixes four (4) critical and moderate security vulnerabilities that could lead to arbitrary code execution and memory leaks in the context of the current user. Affects both Windows and macOS users.
Adobe also rolled out a major Adobe Experience Manager (AEM) patch with fixes for a whopping 185 documented bugs that the company warns could be exploited for arbitrary code execution and security feature bypass.
The company also released fixes for bugs in the Adobe Prelude software, memory leaks and denial-of-service issues in Adobe InDesign, memory corruption issues in Adobe Dimension, and memory leaks in Adobe Animate.
Related: Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop
Related: CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
Related: Adobe Says Critical PDF Reader Zero-Day Being Exploited