Adobe addressed critical bugs in Illustrator, After Effects Software

Adobe Patch Tuesday addressed at least a half dozen vulnerabilities, including critical issues that expose Windows and macOS to hack.

Adobe released security updates to address at least a half dozen vulnerabilities impacting Photoshop, Illustrator and After Effects for both Windows and macOS users.

Adobe addressed four critical issues (CVE-2022-24094, CVE-2022-24095, CVE-2022-24096, and CVE-2022-24097) affecting the After Effects products, successful exploitation could lead to arbitrary code execution in the context of the current user.    

Below is the list of the issues:

The software giant also addressed a critical a buffer overflow issue, tracked as CVE-2022-23187, in Illustrator, that can lead to arbitrary code execution. The flaw was reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs and impacts both Windows and macOS versions of Illustrator 26.0.3 and earlier versions.

The company also addressed an important-severity flaw, tracked as CVE-2022-24090, in the Photoshop software. The successful exploitation of the flaw could lead to memory leak in the context of the current user.   

The good news is that the company was not aware of any exploits in the wild for the above vulnerabilities.

Microsoft also published its Patch Tuesday security updates for February 2023 that addressed 75 flaws, including three actively exploited zero-day bugs.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Patch Tuesday)
The post Adobe addressed critical bugs in Illustrator, After Effects Software appeared first on Security Affairs.