Skip to main content

Adobe scrambled to deliver urgent patches for bugs in Photoshop, Bridge, Prelude

Adobe Photoshop
(Image credit: Shutterstock)

Adobe has broken from its regular update schedule to deliver emergency patches for critical security vulnerabilities discovered in popular software Photoshop, Prelude and Bridge.

The firm traditionally issues patches for its various products on a monthly basis, but the latest raft of fixes arrived just one week after the conventional security update.

Thirteen vulnerabilities were resolved in all, twelve of which were classified as critical, hence the need for swift action on the part of Adobe.

Mat Powell, researcher with the Trend Micro Zero Day Initiative (ZDI), was said to be responsible for identifying and disclosing the issues.

Adobe security update

The update addressed five critical bugs present in Adobe Photoshop CC 2019 (versions 20.0.9 and earlier) and Photoshop 2020 (versions 21.2 and earlier) for Windows.

Two are described as out-of-bounds read flaws and the remaining three are classed as out-of-bounds write vulnerabilities - all five of which could be exploited by hackers to execute code on the target machine.

Asset management software Adobe Bridge (versions 10.1.1 and earlier) was updated to rectify one out-of-bounds read and two out-of-bounds write flaws. In this case, both Windows and macOS versions were affected.

Adobe Prelude, meanwhile, was found to suffer four similar vulnerabilities, which were also resolved in the unexpected round of patches.

The previous raft of security updates, delivered a week prior, addressed issues in various Adobe Creative Cloud, Media Encoder, ColdFusion and Download Manager.

Users of relevant Adobe software are advised to install the latest updates as soon as possible, to mitigate the risk of compromise.

Via ZDNet