Adobe critical security flaws

Adobe posted its latest batch of patches for critical security flaws (involving PostScript) with these urgent updates outside its normal schedule:

Adobe Character Animator | APSB20-25
Summary: Adobe has released an update for Adobe Character Animator for Windows and macOS. This update resolves a Stack-based Buffer Overflow Vulnerability that could lead to Remote Code Execution. (CVE-2020-9586)

Adobe Premiere Pro | APSB20-27
Adobe has released updates for Adobe Premiere Pro for Windows and macOS. This update resolves an out-of-bounds read vulnerability that could lead to information disclosure.

Adobe Premiere Rush | APSB20-29
Adobe has released updates for Adobe Premiere Rush for Windows and macOS. This update resolves an out-of-bounds read vulnerability that could lead to information disclosure.

Adobe Audition | APSB20-28
Adobe has released an update for Adobe Audition for Windows and macOS. This update resolves an important out-of-bounds read vulnerability that could lead to information disclosure.

Adobe critical security flaws

Adobe posted its latest batch of patches for critical security flaws in three products:

Adobe Bridge | APSB20-19
Adobe has released a security update for Adobe Bridge. This update addresses multiple critical and important vulnerabilities that could lead to arbitrary code execution and information disclosure

Adobe Magento | APSB20-22
Magento has released updates for Magento Commerce and Open Source editions. These updates resolve vulnerabilities rated Critical, Important and Moderate (severity ratings). Successful exploitation could lead to arbitrary code execution

Adobe Illustrator | APSB20-20
Adobe has released updates for Adobe Illustrator 2020 for Windows. This update resolves critical vulnerabilities that could lead to arbitrary code execution…

Microsoft security patches

Microsoft posted patches for more than a hundred security flaws in its products today, including critical and zero-day vulnerabilities in Windows, as well as dangerous remote code execution vulnerabilities affecting Office for Mac, as well.  Bleeping Computer summarized the situation with links to CVE descriptions of the flaws and updates, including the following, among others:

Microsoft April 2020 Patch Tuesday fixes 3 zero-days, 15 critical flaws

CVE-2020-0980 | Microsoft Word Remote Code Execution Vulnerability
An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

CVE-2020-0919 | Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user’s privileges. To exploit this vulnerability, an attacker would have to first get access to the victim’s system.

CVE-2020-0984 | Microsoft (MAU) Office Elevation of Privilege Vulnerability
An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges.

CVE-2020-1019 | Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in RMS Sharing App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user’s privileges. To exploit this vulnerability, an attacker would first have to get access to the victim’s system.

Adobe security patches

Adobe Inc. has issued its latest product security patches, including critical patches for the Windows platform:

APSB20-01: Adobe Experience Manager
Adobe has released security updates for Adobe Experience Manager (AEM). These updates resolve multiple vulnerabilities in AEM versions 6.5 and below rated Important and Moderate. Successful exploitation could result in sensitive information disclosure.

APSB20-03: Adobe Illustrator CC
Adobe has released updates for Adobe  Illustrator CC for Windows. This update resolves critical vulnerabilities that could lead to arbitrary code execution

Discussions

Adobe security discussion warns of a nasty deception with Adobe Reader and Adobe Acrobat claiming everything is up to date and secure while users are actually exposed to critical vulnerabilities!

MacInTouch Community discussions also include the following topics, among recent updates and others:

Apple Security Bounty program

Apple has an updated program for paying security researchers “who share with us critical issues and the techniques used to exploit them.” Promised payments extend as high as $1,000,000 for “zero-click kernel code execution with persistence and kernel PAC bypass.”

Apple Security Bounty

Eligibility
In order to be eligible for an Apple Security Bounty, the issue must occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration and, where relevant, on the latest publicly available hardware. These eligibility rules are meant to protect customers until an update is available, ensure Apple can quickly verify reports and create necessary updates, and properly reward those doing original research. Researchers must:

  • Be the first party to report the issue to Apple Product Security.
  • Provide a clear report, which includes a working exploit (detailed below).
  • Not disclose the issue publicly before Apple releases the security advisory for the report. (Generally, the advisory is released along with the associated update to resolve the issue). See terms and conditions.

Issues that are unknown to Apple and are unique to designated developer betas and public betas, including regressions, can result in a 50% bonus payment. Qualifying issues include:

  • Security issues introduced in certain designated developer beta or public beta releases, as noted on this page when available. Not all developer or public betas are eligible for this additional bonus.
  • Regressions of previously resolved issues, including those with published advisories, that have been reintroduced in a developer beta or public beta release, as noted on this page when available.