{"id":8427,"date":"2021-10-29T12:26:32","date_gmt":"2021-10-29T19:26:32","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8427"},"modified":"2023-03-03T14:21:22","modified_gmt":"2023-03-03T21:21:22","slug":"october-adobe-patches-102-security-vulnerabilities","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/october-adobe-patches-102-security-vulnerabilities\/","title":{"rendered":"October 2021: Adobe Patches 102 Security Vulnerabilities"},"content":{"rendered":"<p dir=\"ltr\">Adobe released a series of patches that address 102 flaws in 20 of its products, including Adobe Acrobat and Reader, Premiere Pro, InCopy, and other Adobe products. We analyzed these weaknesses and highlighted the most important vulnerabilities that ought to be fixed on priority.<\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 612px;\" src=\"\/wp-content\/uploads\/2022\/10\/patch-watch-revamp-a-2.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><strong>Abode October Patches: Overview<\/strong><\/h2>\n<p dir=\"ltr\">In this monthly rollout, 102 security vulnerabilities have been addressed &#8211;<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">67 CVEs are classified as Arbitrary Code Execution bugs<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">6 CVEs with Privilege Escalation capabilities<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">1 CVEs are linked to Arbitrary file system write\/read<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">22 CVEs have Denial of Service capabilities.<\/p>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">None of the bugs fixed this month by Adobe are listed as publicly known or under active attack at the time of release.<\/p>\n<h2 dir=\"ltr\"><strong>Product Analysis<\/strong><\/h2>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 321px;\" src=\"\/wp-content\/uploads\/2022\/10\/patch-watch-revamp-5-1.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><strong>Severity Score<\/strong><\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Adobe After Effects, Animate, and Bridge received fixes for 9 critical vulnerabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Audition received fixes for 6 critical vulnerabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Premiere Pro and Character Animator received fixes for 3 critical vulnerabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Media Encoder received fixes for 4 critical vulnerabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Adobe Illustrator, InDesign, and Photoshop received fixes for 2 critical vulnerabilities each.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 396px;\" src=\"\/wp-content\/uploads\/2022\/10\/patch-watch-revamp-a.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\">Patches are tagged <a href=\"https:\/\/helpx.adobe.com\/security\/severity-ratings.html\">Priority 2<\/a> for Adobe Acrobat and Reader, Connect, Adobe Ops-CLI, Adobe Commerce, Adobe Campaign Standard, Adobe Lightroom Classic, Acrobat and Reader for Android and Adobe XMP Toolkit SDK, while the remaining are labeled as <a href=\"https:\/\/helpx.adobe.com\/security\/severity-ratings.html\">Priority 3.<\/a><\/p>\n<p>&nbsp;<\/p>\n<h2 dir=\"ltr\"><strong>CWE Analysis<\/strong><\/h2>\n<p>When analyzed based on CWE classification, we found 48% of CVEs are categorized under the 2021<a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2021\/2021_cwe_top25.html\"> CWE Top 25 Most Dangerous Software Weaknesses<\/a>, making the fixes the highest priority for this month.<\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 341px;\" src=\"\/wp-content\/uploads\/2022\/10\/patch-watch-revamp-4-1.png\" alt=\"\" \/><\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrpbQdaqX6PrFDWL?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><strong>Table: Adobe October Patches 2021<\/strong><\/p>\n<p>CISA has <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/05\/11\/adobe-releases-security-updates-multiple-products\">issued<\/a> an alert recommending users to update to the latest versions that bring new enhancements and fixes for some customer-reported issues. In addition to the release of the security patches, Adobe also issued alerts about the most severe flaws in its products. We recommend all Adobe users to add these updates to your \u201cPatch Now\u201d cycle.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Adobe released a series of patches that address 102 flaws in 20 of its products, including Adobe Acrobat and Reader, Premiere Pro, InCopy, and other Adobe products. We analyzed these weaknesses and highlighted the most important vulnerabilities that ought to be fixed on priority. Abode October Patches: Overview In this monthly rollout, 102 security vulnerabilities [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14434,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[288],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch\/8427"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/14434"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=8427"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_category?post=8427"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}