Adobe had already closed numerous security gaps in Acrobat and Reader and other products on Tuesday last week. This week, the software manufacturer is adding on and delivering updates for some products, including the video editing program Premiere.
Attackers could attack computers with Adobe Audition. Adobe now provides secured versions. The software manufacturer actually only releases security updates on Patchday at the beginning of the month.
Adobe Character Is The Most Dangerous Gap
The most dangerous is the gap in Character Animator on Windows. If an attack is successful, attackers could execute malicious code remotely through a stack based buffer overflow. All previous versions are said to be threatened. The risk of attack is considered critical.
A vulnerability has been fixed in Adobe Character Animator which could lead to virus infection of the computer. All versions of Character Animator are affected, a solution in the form of an update to version 3.3 is only available for this year’s edition. Older versions of Character Animator should no longer be used.
Microsoft suggests some measures to limit the impact of the gap. On the one hand, users can switch off the preview display in Adobe. Apparently it is possible to exploit the gap directly in the preview of the file manager. Microsoft also writes that it is still possible that a local user can exploit the gap with a special program. It is also recommended to deactivate the web client service. According to Microsoft, this prevents the most likely remote attack vector. However, services that use the web client service will no longer work. Overall, it remains unclear what exactly exist for attack scenarios and which of the measures are proposed.