Adobe Security Bulletin – December 2024
Originally posted: December 10, 2024
Adobe release various patches for the multiple products
Severity: Critical /High
- APSB24-69 : Security update available for Adobe Experience Manager
- APSB24-92 : Security update available for Adobe Acrobat Reader
- APSB24-93 : Security update available for Adobe Media Encoder
- APSB24-94 : Security update available for Adobe Illustrator
- APSB24-95 : Security update available for Adobe After Effects
- APSB24-96 : Security update available for Adobe Animate
- APSB24-97 : Security update available for Adobe InDesign
- APSB24-98 : Security update available for Adobe PDFL SDK
- APSB24-99 : Security update available for Adobe Connect
- APSB24-100 : Security update available for Adobe Substance 3D Sampler
- APSB24-101 : Security update available for Adobe Photoshop
- APSB24-102 : Security update available for Adobe Substance 3D Modeler
- APSB24-103 : Security update available for Adobe Bridge
- APSB24-104 : Security update available for Adobe Premiere Pro
- APSB24-105 : Security update available for Adobe Substance 3D Painter
- APSB24-106 : Security update available for Adobe FrameMaker
APSB24-69 : Security update available for Adobe Experience Manager
Summary: Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve vulnerabilities rated critical, important and moderate. Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-92 : Security update available for Adobe Acrobat Reader
Summary: Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak and application denial-of-service. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-93 : Security update available for Adobe Media Encoder
Summary: Adobe has released an update for Adobe Media Encoder. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and application denial-of-service. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-94 : Security update available for Adobe Illustrator
Summary: Adobe has released an update for Adobe Illustrator. This update resolves critical vulnerabilities that could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-95 : Security update available for Adobe After Effects
Summary: Adobe has released an update for Adobe After Effects for Windows and macOS. This update addresses a critical security vulnerability. Successful exploitation could lead to memory leak in the context of the current user. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-96 : Security update available for Adobe Animate
Summary: Adobe has released an update for Adobe Animate. This update resolves critical vulnerabilities. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-97 : Security update available for Adobe InDesign
Summary: Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities. Successful exploitation could lead to memory leak, arbitrary code execution and application denial-of-service. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-98 : Security update available for Adobe PDFL SDK
Summary: Adobe has released an update for the Adobe PDFL Software Development Kit (SDK) for Windows, Linux and macOS. This update resolves a critical vulnerability that could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-99 : Security update available for Adobe Connect
Summary: Adobe has released a security update for Adobe Connect. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation and security feature bypass. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-100 : Security update available for Adobe Substance 3D Sampler
Summary: Adobe has released an update for Adobe Substance 3D Sampler. This update addresses critical vulnerabilities in Adobe Substance 3D Sampler. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-101 : Security update available for Adobe Photoshop
Summary: Adobe has released an update for Photoshop for Windows and macOS. This update resolves a critical vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-102 : Security update available for Adobe Substance 3D Modeler
Summary: Adobe has released an update for Adobe Substance 3D Modeler. This update addresses critical and important vulnerabilities in Adobe Substance 3D Modeler. Successful exploitation could lead to arbitrary code execution and application denial-of-service. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-103 : Security update available for Adobe Bridge
Summary: Adobe has released a security update for Adobe Bridge. This update addresses a critical vulnerability that could lead to arbitrary code execution.
Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-104 : Security update available for Adobe Premiere Pro
Summary: Adobe has released updates for Adobe Premiere Pro for Windows and macOS. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-105 : Security update available for Adobe Substance 3D Painter
Summary: Adobe has released an update for Adobe Substance 3D Painter. This update addresses critical vulnerabilities in Adobe Substance 3D Painter. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-106 : Security update available for Adobe FrameMaker
Summary: Adobe has released a security update for Adobe FrameMaker. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
APSB24-107 : Security update available for Adobe ColdFusion
Summary: Adobe has released security updates for ColdFusion versions 2023 and 2021. These updates resolve a critical vulnerability that could lead to arbitrary file system read. Adobe is aware that CVE-2024-53961 has a known proof-of-concept that could cause an arbitrary file system read.
Reference Link
ADOBE
- https://helpx.adobe.com/in/security/security-bulletin.html
NOTE: The information is provide is on “as is “ basis, without assurance of any kind .
Revision history
- 10th-Dec-24 – first advisory released. — fix patch released
- 23rd-Dec-24- update advisory – APSB24-107 added to the advisory
About The Author
