A week after the June 2020 Patch Tuesday, Adobe has plugged more critical security holes in some of its well known graphic design and video and audio editing software. The company has also announced that it will be adding the Protected Mode feature (i.e., a sandbox) to the Windows version of Adobe Acrobat DC.
The security updates
Both the Adobe Illustrator and the Adobe After Effects updates fix five flaws that can lead to code execution. The Adobe Premiere Pro and Adobe Premiere Rush updates fix three of them, and the Adobe Audition update resolves two.
Finally, the update for Adobe Campaign, a software application for coordinating the creation of conversational marketing campaigns, fixes just one “important” vulnerability that ultimately could lead to information disclosure.
The priority rating for all of these updates is not high, because they resolve vulnerabilities in products that have historically not been a target for attackers. Also, none of the vulnerabilities are actively exploited by attackers. Nevertheless, admins should not take long to install the updates.
Protected Mode for Adobe Acrobat DC
Adobe Acrobat DC is the subscription versions of Acrobat combined with Document Cloud services, and allows users to create PDFs, export them, edit them, sign them, share them, etc.
“Enabling Protected Mode in Acrobat DC provides additional layers of protection that help you better protect desktop environments from potentially malicious code. Documents and application code are isolated within a ‘Sandbox’ (i.e. a confined execution environment). This offers additional protections should users inadvertently open malicious PDFs,” the company shared.
Protected mode is still in preview, and can be enabled through Acrobat’s security preferences (see image above) or by setting a specific registry key.
The move comes nearly ten years after Adobe added the feature to Acrobat Reader DC, its widely used (free) PDF reader.