Take action: Time to update your Adobe Acrobat applications and ColdFusion systems. Don't delay, the Acrobat fix is quite easy and the ColdFusion platform is visible on the internet so it's going to get attacked soon.

---

Learn More

Adobe issued an extensive set of security updates addressing high-risk vulnerabilities across a range of its products, including Acrobat and Reader, ColdFusion, InDesign, InCopy, and Audition.

During its regular Patch Tuesday release cycle, the company detailed 72 unique security vulnerabilities, highlighting 17 severe executable code vulnerabilities within the popular Acrobat and Reader applications that could potentially allow attackers to execute arbitrary code and trigger memory leak problems on systems running unpatched versions of Windows and macOS.

Affected versions of Acrobat are:

Product	Track	Affected Versions	Platform
Acrobat DC	Continuous	23.006.20360 and earlier versions	Windows &  macOS
Acrobat Reader DC	Continuous	23.006.20360 and earlier versions	Windows & macOS
Acrobat 2020	Classic 2020	20.005.30524 and earlier versions	Windows & macOS
Acrobat Reader 2020	Classic 2020	20.005.30524 and earlier versions	Windows & macOS

For ColdFusion, a web application development platform, Adobe has rectified at least six critical flaws that could be exploited to execute arbitrary code or circumvent security mechanisms, impacting versions on all platforms:

• ColdFusion 2023 Update 5 and earlier versions
• ColdFusion 2021 Update 11 and earlier versions

Additionally, Adobe's comprehensive patch collection addresses vulnerabilities in several other products:

• five in RoboHelp Server related to arbitrary code execution and memory leaks;
• six in Photoshop for arbitrary code execution and memory leaks;
• seven in InDesign associated with denial-of-service and memory leaks; and three in Adobe Bridge that could lead to memory leakage.
• code execution vulnerabilities have been patched in Adobe FrameMaker Publishing Server as well as in Adobe Media Encoder and Adobe Premiere Pro.