Fix critical vulnerabilities in FrameMaker | May 2022

Problem

Some security vulnerabilities that result in the following conditions are identified in FrameMaker 2020 release Update 4 and earlier, and FrameMaker 2019 release Update 8 and earlier:

  • Out-Of-Bounds Write Remote Code Execution
  • Out-Of-Bounds Write Code Execution
  • Out-Of-Bounds Read Information Disclosure
  • Use-After-Free Remote Code Execution

For more information about these vulnerabilities, see Adobe Security Bulletin.

Solution

To resolve these issues, do the following:

  1. Download the updated files applicable for your product's version. 

  2. Extract the contents of the ZIP file. The ZIP contains the following updated files:  

    FrameMaker (2019 release)

    • CoolType.dll
    • SVGRE.dll
    • SVGExport.dll
    • AdobeSVGAGM.dll

    FrameMaker (2020 release)

    • ACE.dll
    • AGM.dll
    • ARE.dll
    • AdobePDFL.dll
    • AdobeSVGAGM.dll
    • BIB.dll
    • BIBUtils.dll
    • CoolType.dll
    • pdfport.dll
    • SVGRE.dll
    • SVGExport.dll
    • libeay32.dll
  3. Navigate to the FrameMaker install location.

    The default install location corresponding to your version of FrameMaker is:

    FrameMaker (2019 release)

    • 64-bit: C:\Program Files\Adobe\Adobe FrameMaker 2019
    • 32-bit: C:\Program Files (x86)\Adobe\Adobe FrameMaker 2019  

    FrameMaker (2020 release)

    • C:\Program Files\Adobe\Adobe FrameMaker 2020
  4. Replace the existing files with the updated files you extracted in Step 2.

    When you are prompted, click Yes to overwrite the existing files. 

  5. Launch FrameMaker.  

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online