Adobe has released critical security patches for 48 vulnerabilities across its product lines, including code execution issues in the Adobe Commerce software suite. The company’s regular Patch Tuesday rollout prioritized several high-severity bugs, with Adobe Commerce being highlighted as a top concern.
A critical-severity bug in Adobe Commerce (CVE-2024-49521) exposes e-commerce shops to code execution attacks, and Adobe urges users to update to version 3.2.6 immediately. The issue affects versions 3.2.5 and earlier of the Commerce Services Connector deployed as SaaS.
Other affected products include Adobe Photoshop, which is vulnerable to a major security defect that could be exploited for code execution on both Windows and macOS devices. Meanwhile, Adobe InDesign has six documented vulnerabilities, with three rated critical-severity. Immediate remediation is recommended.
Adobe Substance 3D Painter, Adobe After Effects, and Adobe Audition also require urgent attention due to critical issues identified in the latest patches. The company advises users to update their software as soon as possible to secure their installations.
Source: https://www.securityweek.com/patch-tuesday-critical-flaws-in-adobe-commerce-photoshop-indesign-illustrator