Adobe addressed critical bugs in Illustrator, After Effects Software

Adobe Patch Tuesday addressed multiple vulnerabilities, including critical issues that expose Windows and macOS to hack.

Adobe released security updates to address multiple vulnerabilities impacting Photoshop, Illustrator and After Effects for both Windows and macOS users.

Adobe addressed four critical issues (CVE-2022-24094, CVE-2022-24095, CVE-2022-24096, and CVE-2022-24097) affecting the After Effects products, successful exploitation could lead to arbitrary code execution in the context of the current user.    

Below is the list of the issues:

The software giant also addressed a critical buffer overflow issue, tracked as CVE-2022-23187, in Illustrator, that can lead to arbitrary code execution. The flaw was reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs and impacts both Windows and macOS versions of Illustrator 26.0.3 and earlier versions.

The company also fixed an important-severity flaw, tracked as CVE-2022-24090, in the Photoshop software. The successful exploitation of the flaw could lead to memory leak in the context of the current user.   

The good news is that the company was not aware of any exploits in the wild for the above vulnerabilities.

Microsoft also published its Patch Tuesday security updates for February 2023 that addressed 75 flaws, including three actively exploited zero-day bugs.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Patch Tuesday)