You are currently viewing Adobe Fixes Critical Zero-Day Flaw Actively Exploited in the Wild – Security Updates February 2021

Adobe Fixes Critical Zero-Day Flaw Actively Exploited in the Wild – Security Updates February 2021

Adobe had released security updates providing fixes for 33 critical vulnerabilities in Adobe Magento, Adobe Acrobat, Reader, Photoshop, Animate, Illustrator, and Dreamweaver. A total of 50 security vulnerabilities are patched in this release. The patched vulnerabilities are arbitrary code execution, access control bypass, cross-site scripting, cross-site request forgery, injection, security bypass, etc… These flaws affect Windows and macOS.

In this release, Adobe has fixed the wildly exploited heap-based buffer overflow issue (CVE-2021-21017) in Adobe Reader, which could allow remote code execution on the vulnerable system.

Adobe fixed 23 vulnerabilities in Adobe Reader, 17 of them are rated as critical, and 18 vulnerabilities in Magento, 7 of them are rated as critical. Adobe also addressed 5 critical vulnerabilities in Photoshop, a critical arbitrary code execution vulnerability in Animate, 2 critical arbitrary code execution vulnerabilities in Illustrator, and an information disclosure vulnerability in Dreamweaver, rated as important.


Adobe Security Bulletin Summary for February 2021:

Product: Adobe Acrobat and Reader
CVE’s/Advisory: APSB21-09, CVE-2021-21017, CVE-2021-21021, CVE-2021-21028, CVE-2021-21033, CVE-2021-21034, CVE-2021-21035, CVE-2021-21036, CVE-2021-21037, CVE-2021-21038, CVE-2021-21039, CVE-2021-21040, CVE-2021-21041, CVE-2021-21042, CVE-2021-21044, CVE-2021-21045, CVE-2021-21046, CVE-2021-21057, CVE-2021-21058, CVE-2021-21059, CVE-2021-21060, CVE-2021-21061, CVE-2021-21062, CVE-2021-21063
Severity: Critical
Impact: Application denial-of-service, Arbitrary code execution, Privilege escalation, Information Disclosure


Product: Magento Commerce and Magento Open Source
CVE’s/Advisory: APSB21-08, CVE-2021-21012, CVE-2021-21013, CVE-2021-21014, CVE-2021-21015, CVE-2021-21016, CVE-2021-21018, CVE-2021-21019, CVE-2021-21020, CVE-2021-21022, CVE-2021-21023, CVE-2021-21024, CVE-2021-21025, CVE-2021-21026, CVE-2021-21027, CVE-2021-21029, CVE-2021-21030, CVE-2021-21031, CVE-2021-21032
Severity: Critical
Impact: Unauthorized access to restricted resources, Arbitrary code execution, Arbitrary JavaScript execution in the browser, Unauthorized modification of customer metadata


Product: Adobe Photoshop
CVE’s/Advisory: APSB21-10, CVE-2021-21047, CVE-2021-21048, CVE-2021-21049, CVE-2021-21050, CVE-2021-21051
Severity: Critical
Impact: Arbitrary code execution


Product: Adobe Animate
CVE’s/Advisory: APSB21-11, CVE-2021-21052
Severity: Critical
Impact: Arbitrary code execution


Product: Adobe Illustrator
CVE’s/Advisory: APSB21-12, CVE-2021-21053, CVE-2021-21054
Severity: Critical
Impact: Arbitrary code execution


Product: Adobe Dreamweaver
CVE’s/Advisory: APSB21-13, CVE-2021-21055
Severity: Important
Impact: Information disclosure


SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Download SanerNow and keep your systems updated and secure.

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments