Get the September 2022 Adobe Patch Tuesday updates

News » Security » Patch Tuesday

Reading time icon 4 min. read

Calendar icon Published on

by Alexandru Poloboc 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Key notes

  • Are you waiting on your monthly Patch Tuesday update rollout?
  • Adobe has just finished releasing a new set of patches today.
  • All the download links you need are right here in this article.
adobe patch tuesday

Many of you have surely been anxiously waiting for the Adobe Patch Tuesday rollout, and we’re here to make it a bit easier for you to find what you’re looking for.

No, Microsoft isn’t the only company that has such a rollout on a monthly basis, so in this article, we’re going to talk about Adobe and some of the patches for their products.

And, as you know we do every month, we will also include links to the download source, so you don’t have to scour the internet to find them.

Adobe releases updates for 63 CVEs

However, before we begin, let’s also take a look at what happened in August 2022, when Adobe released 25 CVEs in four patches for Acrobat and Reader, Commerce, and FrameMaker.

The highlight of last month’s release was definitely the FrameMaker update which addressed a combination of six CVEs, five of which could lead to code execution.

It should absolutely go without saying that the most severe of these could allow code execution if an attacker convinces a target to open a specially crafted PDF document.

Now that that’s out of the way, let’s get back to the present and explore what the company has prepared for its users as a part of the September batch of patches.

This month, September 2022, we are looking at security fixes for software such as Bridge, InDesign, Photoshop, InCopy, Animate, and Illustrator.

InDesign

We are going to start with the update for InDesign this time, which is also the largest patch this month for Adobe products.

Adobe had to fix eight Critical-rated and 10 Important-rated vulnerabilities, the most severe of these could lead to code execution if a specially crafted file is opened on an affected system

Affected versions

ProductAffected versionPlatform
Adobe InDesign17.3 and earlier versionsWindows and macOS 
Adobe InDesign16.4.2 and earlier versionsWindows and macOS 

Photoshop

There are so many people using Adobe Photoshop that this message should be treated with the upmost importance.

This month’s Photoshop patch fixes 10 CVEs, 9 of which are rated Critical. As well as in the case of InDesign, an attacker can get code execution if they can convince a user to open a malicious file.

Affected versions

ProductAffected versionPlatform
Photoshop 202122.5.8 and earlier versions     Windows and macOS
Photoshop 202223.4.2 and earlier versionsWindows and macOS

InCopy

We’re now going to look at some Adobe software that isn’t as popular or widely used as Photoshop or Reader but needed fixing nonetheless.

For September 2022, Adobe issued a fix patch for InCopy, meant to address fixes five similar code execution bugs and two info disclosure bugs.

Affected versions

ProductAffected versionPlatform
Adobe InCopy  17.3 and earlier versionWindows and macOS
Adobe InCopy  16.4.2 and earlier versionWindows and macOS

Animate

Yes, this month we are also getting an Adobe Animate patch, even though this software hasn’t been susceptible to attacks in quite some time now.

That being said, know that, for September, Adobe Animate also receives patches for two Critical-rated code execution bugs.

Affected versions

ProductVersionPlatform
Adobe Animate 202121.0.11 and earlier versions
      		Windows and macOS
Adobe Animate 202222.0.7 and earlier versionsWindows and macOS

Bridge

Next, we’re going to take a closer look at the update for Adobe Bridge, one that corrects 10 Critical-rated code execution bugs and two Important-rated info disclosure bugs.

Some pretty nasty bugs got fixed in this month’s Patch Tuesday release, so it makes you wonder what else Adobe is hiding behind closed doors.

Affected versions

ProductVersionPlatform
Adobe Bridge  12.0.2 and earlier versions Windows  and macOS
Adobe Bridge  11.1.3 and earlier versions Windows  and macOS

Illustrator

We can’t end this article without also taking a peek at the updates that Adobe has prepared for the Illustrator application.

Thus, one of the three Illustrator vulnerabilities getting fixed could also lead to code execution, which really comes as no surprise anymore.

Just as in the cases described above, a user would need to open a malicious file with an affected software version in order for the attack to begin.

Affected versions

ProductVersionPlatform
Illustrator 202226.4 and earlier versions Windows and macOS
Illustrator 202125.4.7 and earlier versions Windows and macOS

Also, Adobe managed to patch Experience Manager as well, and addressed 11 Important-rated bugs, primarily of the cross-site scripting (XSS) variety.

Remember that none of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release.

This is what you are looking at in terms of Patch Tuesday releases for Adobe for the month of September 2022, so hurry up and get the software.

What’s your take on this month’s release? Share your thoughts with us in the comments section below.

More about the topics: patch tuesday

Alexandru Poloboc

Alexandru Poloboc Shield

Tech Journalist

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host. A certified gadget freak, he always feels the need to surround himself with next-generation electronics. When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.