Patch Tuesday: Adobe releases patches for 28 security vulnerabilities and warned of code execution risks on Windows and macOS platforms.
September 10, 2024 By Ryan Naraine
Software maker Adobe on Tuesday released patches for at least 28 documented security vulnerabilities in a wide range of products and warned that both Windows and macOS users are exposed to code execution attacks.
The most urgent issue, affecting the widely deployed Acrobat and PDF Reader software, provides cover for two memory corruption vulnerabilities that could be exploited to launch arbitrary code.
A critical-severity bulletin documented the two bugs as CVE-2024-41869 (CVSS base score of 7.8/10) and CVE-2024-45112 (CVSS 8.6/10) and warned that both could be exploited for arbitrary code execution and presents a higher risk due to its potential to escalate privileges.
The company also pushed out a major Adobe ColdFusion update to fix a critical-severity flaw that exposes businesses to code execution attacks. The flaw, tagged as CVE-2024-41874, carries a CVSS severity score of 9.8/10 and affects all versions of ColdFusion 2023.
