Adobe releases March Security Update to fix Arbitrary Code Execution on its products

On March 12, Adobe officially released the March security update, which fixes vulnerabilities in Adobe Photoshop CC and Adobe Digital Editions.

Adobe Reader PDF vulnerability

Vulnerability overview

Adobe Photoshop CC

Adobe has released an Adobe Photoshop CC security update that fixes a critical vulnerability that can lead to remote code execution.

The vulnerabilities are summarized as follows:

Vulnerability impact severity CVE number
Arbitrary Code Execution Critical CVE-2019-7094
Affected version
  • Photoshop CC <= 19.1.7
  • Photoshop CC <= 20.0.2
Unaffected version
  • Photoshop CC 19.1.8
  • Photoshop CC 20.0.4

For the specific impact version and fix of the vulnerability, please refer to Adobe’s official security notice here.

Adobe Digital Editions

Adobe has released a security update for Adobe Digital Editions that fixes a critical vulnerability that can lead to remote code execution.

The vulnerabilities are summarized as follows:

Vulnerability impact severity CVE number
Arbitrary Code Execution Critical CVE-2019-7095
Affected version
  • Adobe Digital Editions <= 4.5.10.185749
Unaffected version
  • Adobe Digital Editions 4.5.10.186048

For the specific impact version and fix of the vulnerability, please refer to Adobe’s official security notice here.

Solution

Adobe has released a new version to fix the above vulnerability, users should upgrade your affected software as soon as possible.