Adobe has released an off-cycle patch to address a trio of vulnerabilities discovered in Media Encoder. Adobe Media Encoder, software used to encode audio and video in various formats, is the sole subject of the security update released outside of the company’s regular monthly publication.
On Tuesday, Adobe had three vulnerabilities (CVE-2020-9739, CVE-2020-9744 and CVE-2020-9745), security flaws “that could lead to the disclosure of information in the context of the current user.”
Update to stay protected
Reported to Adobe by cybersecurity researcher Radu Motspan, the bugs are considered “important” and have an impact on version 14.4 of Adobe Media Encoder, both on Windows machines and on Macs. However, each vulnerability was only given a priority rating of 3. Which, according to Adobe, means that the software in question “has never been a target for attackers.” As always, it is recommended that users accept automatic software updates to fix their builds to stay protected.
Last week, the software giant released its update with September security patch. It attacks vulnerabilities in Adobe Experience Manager, InDesign and Framemaker. Critical and significant vulnerabilities of the products have been addressed, including cross-site scripting (XSS) issues, memory corruption bugs, and security issues leading to arbitrary code execution, including in a session. Navigator.
Adobe released its third quarter financial results on Tuesday, which exceeded analysts’ expectations. The company reported $ 955 million in profits, on sales of $ 3.16 billion.