Get ready for the October 2022 Adobe Patch Tuesday updates

by Alexandru Poloboc
Alexandru Poloboc
Alexandru Poloboc
News Editor
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,... read more
Affiliate Disclosure
  • Are you waiting on your monthly Patch Tuesday update rollout?
  • Adobe has just finished releasing a new set of patches today.
  • All the download links you need are right here in this article.
adobe pt

XINSTALL BY CLICKING THE DOWNLOAD FILE
To fix various PC problems, we recommend Restoro PC Repair Tool:
This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues and remove viruses now in 3 easy steps:

  1. Download Restoro PC Repair Tool that comes with Patented Technologies (patent available here).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues affecting your computer's security and performance
  • Restoro has been downloaded by 0 readers this month.

We’re pretty sure that many of you have been anxiously waiting for the Adobe Patch Tuesday rollout, and we’re here to make it a bit easier for you to find what you’re looking for.

Indeed, Microsoft isn’t the only company that has such a rollout on a monthly basis, so in this article, we’re going to talk about Adobe and some of the patches for their products.

And, as you know we do every month, we will also include links to the download source, so you don’t have to scour the internet to find them.

Adobe releases updates for 29 CVEs

Before we begin, let’s also take a look at what happened in September 2022, when Adobe released 63 CVEs in four patches for InDesign, InCopy, and Photoshop.

The highlight of last month’s release was definitely the Photoshop update which addressed a combination of 10 CVEs, nine of which are rated as critical.

It should absolutely go without saying that the most severe of these could allow code execution if an attacker convinces a target to open a specially crafted file.

Now that that’s out of the way, let’s get back to the present and explore what the company has prepared for its users as a part of the October batch of patches.

ColdFusion

The fix issued for Adobe for ColdFusion seems to be the most critical, with multiple CVSS 9.8 code execution bugs being addressed.

Know that there is also a fix for a bug in the Admin Component service, which uses a hard-coded password for the administrator user.

That being said, an attacker can leverage this vulnerability to bypass authentication on the system. Hard to imagine hard-coded credentials have existed in the product for so long without being discovered.

Product Update number Platform
ColdFusion 2018 Update 14 and earlier versions     All
ColdFusion 2021 Update 4 and earlier versions All

Commerce & Magento

Moving on, we are going to take a closer look at the Commerce and Magento update, which addresses only one bug, but it’s a CVSS 10.

Thus, if you’re using either of these products, ensure you test and deploy this quickly to fix the stored cross-site scripting (XSS) bug.

Product Version Platform
 Adobe Commerce 2.4.4-p1 and earlier versions   All
2.4.5 and earlier versions   All
Magento Open Source 2.4.4-p1 and earlier versions All
2.4.5 and earlier versions   All

Acrobat & Reader

We had an update for this app last month as well, so many users were actually confused to see another one this month.

The October patch for Acrobat and Reader was designed to fix six bugs, with the most severe being stack-based buffer overflows that could lead to code execution.

Using this bug, a threat actor would need to trick someone into opening a specially crafted PDF to get arbitrary code exec.

Product Track Affected Versions Platform
Acrobat DC  Continuous  22.002.20212 and earlier versions Windows &  macOS
Acrobat Reader DC Continuous  22.002.20212 and earlier versions
 
Windows & macOS
Acrobat Reader DC Continuous      22.002.20212 and earlier versions Windows & macOS
Acrobat 2020 Classic 2020            20.005.30381 and earlier versions  Windows & macOS
Acrobat Reader 2020 Classic 2020            20.005.30381 and earlier versions Windows & macOS

Adobe Dimension

Adobe also released a fix for Dimension that corrects nine bugs, eight of which are rated critical. Most of these are file parsing bugs and would require user interaction to exploit.  

We should also mention that none of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release.

Furthermore, the company actually categorizes these updates as a deployment priority rating of 3, in case you were wondering.

This is what you are looking at in terms of Patch Tuesday releases for Adobe for the month of October 2022, so hurry up and get the software.

What’s your take on this month’s release? Share your thoughts with us in the comments section below.

Still having issues? Fix them with this tool:

SPONSORED

If the advices above haven't solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

This article covers:Topics: