Adobe fixes 13 vulnerabilities in Illustrator

Adobe’s February Patch Tuesday updates fix more than a dozen vulnerabilities, most of which affect the company’s Illustrator vector graphics software.

In the Windows and macOS versions of Illustrator, Adobe fixed 13 vulnerabilities, including two that were assigned a rating of “critical severity” – “high severity” based on their CVSS score. The company gave “important” ratings to seven security bugs that can lead to memory leaks or application denial of service (DoS).

All of these issues were reported to Adobe by two Fortinet researchers. One also informed the software giant about a critical code execution vulnerability in Photoshop.

The company also fixed a critical code execution flaw in After Effects and the Creative Cloud installer for Windows. In Premiere Rush, it addressed a privilege escalation of moderate severity.

Adobe says it is not aware of any attacks exploiting these vulnerabilities. Since they all have a priority rating of “3”, the company believes they are unlikely to be exploited.

Last month, Adobe patched 26 vulnerabilities in its Acrobat and Reader products, including flaws that netted researchers $150,000 in China’s Tianfu Cup hacking contest, which took place in October.

Related: Adobe fixes gaping security flaws in 14 software products

Related: Adobe Joins Security Patch Tuesday Frenzy

Related: Adobe fixes a critical RoboHelp server security flaw

Edouard Kovacs (@EduardKovacs) is a SecurityWeek Contributing Editor. He worked as a high school computer teacher for two years before starting a career in journalism as a security reporter for Softpedia. Eduard holds a bachelor’s degree in industrial computing and a master’s degree in computer techniques applied to electrical engineering.

Previous columns by Eduard Kovacs:

Comments are closed.