Adobe Security Bulletin

Security Updates Available for Adobe Genuine Service | APSB20-42

Bulletin ID	Date Published	Priority
APSB20-42	July 14, 2020	3

Adobe has released updates for the Adobe Genuine Service for Windows and macOS. This update resolves important vulnerabilities which could lead to privilege escalation in the context of the current user.

Product	Version	Platform
Adobe Genuine Service	Version 6.6 and earlier versions	Windows and macOS

Opomba:

To verify the version of Adobe Genuine Integrity Service installed on your system, please follow the following steps:

For Windows machines, navigate to C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient
Right click on AdobeGCClient.exe, select “Properties”.
Go to “Details” tab, the File Version can be seen within.

Adobe categorizes these updates with the following priority ratings.

Product	Version	Platform	Priority Rating
Adobe Genuine Service	7.1	Windows and macOS	3

Opomba:

Adobe Genuine Integrity Service has a self-update mechanism that runs automatically at a regular interval when the host is connected to the internet. For more details regarding Adobe Genuine Integrity Service, please visit here.

Vulnerability Category

Vulnerability Impact

Severity

CVE Numbers

Insecure library loading

Privilege Escalation

Important

CVE-2020-9667

CVE-2020-9681

Mishandling symbolic links

Privilege Escalation

Important

CVE-2020-9668

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:  

Adrian Denkiewicz from CQURE. (CVE-2020-9667)
Zhongcheng Li (CK01) of Topsec Alpha Team (CVE-2020-9668, CVE-2020-9681)

Adobe Security Bulletin

Summary

Affected Versions

Solution

Vulnerability details

Acknowledgments

Vprašajte skupnost

Stopite v stik z nami