Fix for out-of-bounds write remote code execution vulnerability

Problem

A security vulnerability that results in out-of-bound write remote code execution while parsing PDF files is identified in FrameMaker 2020 Summer release Update 1 and earlier and 2019 release Update 8 and earlier. For more information about this vulnerability, see Adobe Security Bulletin.

Note:

This issue is fixed in FrameMaker 2020 Summer release Update 2. You can install the latest update by launching FrameMaker and then going to Help > Updates, or visit the Download FrameMaker page.

Solution

To resolve this issue, do the following:

  1. Download the updated AGM.dll file applicable for your product's version. 

    Download

  2. Extract the contents of the ZIP file.

    The ZIP contains the updated AGM.dll file. 

  3. Navigate to the FrameMaker install location.

    The default install location corresponding to your version of FrameMaker is:

    • FrameMaker (2019 release) 64-bit: C:\Program Files\Adobe\Adobe FrameMaker 2019
    • FrameMaker (2019 release) 32-bit: C:\Program Files (x86)\Adobe\Adobe FrameMaker 2019  
  4. Replace the existing AGM.dll file with the updated file you extracted in Step 2.

    When you are prompted, click Yes to overwrite the existing file. 

  5. Launch FrameMaker.  

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online