Issued: Thursday, 13 January, 2022 |
Last Revision: Thursday, 13 January, 2022 |
Vendor: |
Product: |
Severity Level: |
Adobe has issued security update for Jan 2022, which address multiple critical, important and moderate vulnerabilities in its products.
Adobe products that are patched in this month security update includes- Adobe Acrobat Reader, Adobe Illustrator, Adobe Bridge, Adobe InCopy, and Adobe InDesign.
Adobe has fixed problem of cross-site scripting (XSS), arbitrary code execution, application denial of service, security feature bypass, privilege escalation and memory leak.
CVE/Vulnerability | Description | Products |
Multiple Vulnerabilities | Arbitrary code execution, memory leak, application denial of service, security feature bypass and privilege escalation. | Adobe Acrobat and Reader |
CVE-2021-43752 CVE-2021-44700 | Privilege escalation | Adobe Illustrator |
CVE-2021-44743 | Arbitrary code execution | Adobe Bridge |
CVE-2021-45053 CVE-2021-45055 CVE-2021-45056 | Arbitrary code execution | Adobe InCop |
CVE-2021-45057 CVE-2021-45058 | Arbitrary code execution | Adobe InDesign |
Table 1: Vulnerability details
Affected Product(s) | Version | Platform |
Acrobat DC | 21.007.20099 and earlier versions | Windows |
Acrobat Reader DC | 21.007.20099 and earlier versions
| Windows |
Acrobat DC | 21.007.20099 and earlier versions | macOS |
Acrobat Reader DC | 21.007.20099 and earlier versions | macOS |
Acrobat 2020 | 20.004.30017 and earlier versions | Windows & macOS |
Acrobat Reader 2020 | 20.004.30017 and earlier versions | Windows & macOS |
Acrobat 2017 | 17.011.30204 and earlier versions | Windows & macOS |
Acrobat Reader 2017 | 17.011.30204 and earlier versions | Windows & macOS |
Illustrator 2022 | 26.0.1 and earlier versions | Windows and macOS |
Illustrator 2021 | 25.4.2 and earlier versions | Windows and macOS |
Adobe Bridge | 12.0 and earlier versions | Windows and macOS |
Adobe Bridge | 11.1.2 and earlier versions | Windows and macOS |
Adobe InCopy | 16.4 and earlier version | Windows and macOS |
Adobe InDesign | 16.4 and earlier versions | Windows and macOS |
Table 2: Vulnerable versions
Organizations are strongly encouraged to apply appropriate update using the vendor provided instruction as soon as possible.