Adobe’s Patch Day in May saw only one application affected by security vulnerabilities, making it very manageable for developers. The critical vulnerability in question was found in Substance 3D Painter, and Adobe has urged its users to patch the problem immediately.
In total, 14 security gaps were identified, with Adobe classifying 11 of them as “critical”. Attackers could have potentially provoked memory errors in all cases, leading to the execution of malicious code on systems. Researchers at Trend Micro’s Zero Day Initiative explained that in at least one instance, attackers would have to convince victims to open a prepared file to launch an attack.
The vulnerabilities impacted all platforms, making it imperative that the security problems be addressed. Adobe’s developers state that they have successfully solved the security problems in version 8.3.1, although all previous releases remain vulnerable.
Overall, Adobe’s Patch Day in May was not overly concerning, though it is essential that users of Substance 3D Painter actively take steps to address the vulnerability. As always, it is critical to patch affected software to minimize the risks of exploitation.
