Friday, April 13, 2018

Adobe InDesign Update Available

Adobe have released updated versions of Adobe InDesign for Windows and Macintosh. The new update resolves a critical memory corruption vulnerability (CVE-2018-4928) that could be abused to execute code remotely. The vulnerability is caused by unsafe parsing of a malformed .inx file. The update also fixes an untrusted search path vulnerability (CVE-2018-4927) in the InDesign installer. This vulnerability is categorized as important.

Affected versions:
- Adobe InDesign earlier than 13.1

More information can be read from Adobe's security bulletin.

No comments: