Adobe Critical Security Updates September 2021 fixes for 34 critical vulnerabilities in Adobe Acrobat and Reader, Premiere Pro, InCopy, etc. Moreover, a total of 52 security vulnerabilities have been patched in this release. Most of these vulnerabilities could lead to arbitrary code execution on successful exploitation. These flaws affect Windows and macOS and can be patched by a patch management tool.
There are no reports of any of the above vulnerabilities being actively exploited.
However, Adobe Acrobat and Reader received fixes for 13 critical vulnerabilities. Adobe Premiere Pro, InCopy, ColdFusion and, Digital Editions received fixes for two critical vulnerabilities each and then Adobe InDesign received fixes for three critical vulnerabilities and then Adobe Premiere Elements received fixes for four critical vulnerabilities and then Adobe SVG-Native-Viewer, Creative Cloud Desktop Application, Photoshop, Photoshop Elements, Genuine Service, and Experience Manager received fixes for one critical vulnerability each. Therefore, a vulnerability management tool can help detect these kinds of vulnerabilities.
Adobe Critical Security Updates September 2021 Security Bulletin Summary
- Product: Adobe Acrobat and Reader
Advisory/CVEs: APSB21-55, CVE-2021-35982, CVE-2021-39836, CVE-2021-39837, CVE-2021-39838, CVE-2021-39839, CVE-2021-39840, CVE-2021-39841, CVE-2021-39842, CVE-2021-39843, CVE-2021-39844, CVE-2021-39845, CVE-2021-39846, CVE-2021-39849, CVE-2021-39850, CVE-2021-39851, CVE-2021-39852, CVE-2021-39853, CVE-2021-39854, CVE-2021-39855, CVE-2021-39856, CVE-2021-39857, CVE-2021-39858, CVE-2021-39859, CVE-2021-39860, CVE-2021-39861 ,CVE-2021-39863
Severity: Critical
Impact: Arbitrary code execution, Arbitrary file system read, Memory leak and then Application denial-of-service
2. Product: Adobe Premiere Pro
Advisory/CVEs: APSB21-67, CVE-2021-40710,and then CVE-2021-40715
Severity: Critical
Impact: Arbitrary code execution
3. Product: Adobe InCopy
Advisory/CVEs: APSB21-71, CVE-2021-39819, CVE-2021-39818
Severity: Critical
Impact: Arbitrary code execution and then Arbitrary file system write
4. Product: Adobe SVG-Native-Viewer
Advisory/CVEs: APSB21-72, CVE-2021-39823
Severity: Critical
Impact: Arbitrary code execution
5. Product: Adobe InDesign
Advisory/CVEs: APSB21-73, CVE-2021-39820, CVE-2021-39821,and then CVE-2021-39822
Severity: Critical
Impact: Arbitrary code execution
6. Product: Adobe ColdFusion
Advisory/CVEs: APSB21-75, CVE-2021-40698, and then CVE-2021-40699
Severity: Critical
Impact: Security feature bypass
7. Product: Adobe Creative Cloud Desktop Application
Advisory/CVEs: APSB21-76, CVE-2021-28613
Severity: Critical
Impact: Arbitrary file system write
8. Product: Adobe Photoshop Elements
Advisory/CVEs: APSB21-77, CVE-2021-39825
Severity: Critical
Impact: Arbitrary code execution
9. Product: Adobe Digital Editions
Advisory/CVEs: APSB21-80, CVE-2021-39826, CVE-2021-39827, and then CVE-2021-39828
Severity: Critical
Impact: Arbitrary code execution, Arbitrary file system write and then Privilege Escalation
10. Product: Adobe Genuine Service
Advisory/CVEs: APSB21-81, CVE-2021-40708
Severity: Critical
Impact: Privilege Escalation
11. Product: Adobe Experience Manager
Advisory/CVEs: APSB21-82, CVE-2021-40711, CVE-2021-40712, CVE-2021-40713, CVE-2021-40714
Severity: Critical
Impact: Arbitrary code execution, Application denial-of-service and then Security feature bypass
12. Product: Adobe Photoshop
Advisory/CVEs: APSB21-84, CVE-2021-40709
Severity: Critical
Impact: Arbitrary code execution
13. Product: Adobe XMP Toolkit SDK
Advisory/CVEs: APSB21-85, CVE-2021-40716
Severity: Important
Impact: Arbitrary file system read
However, SanerNow VMand SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Moreover, use SanerNow and keep your systems updated and secure.