====================================================================

                             CERT-Renater

                 Note d'Information No. 2020/VULN588
_____________________________________________________________________

DATE                : 21/10/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows, macOS running Adobe InDesign versions
                                    prior to 16.0.

=====================================================================
https://helpx.adobe.com/security/products/indesign/apsb20-66.html
_____________________________________________________________________

Security Update Available for Adobe InDesign | APSB20-66
Bulletin ID 	Date Published      Priority
APSB20-66 	October 20, 2020    3


Summary

Adobe has released a security update for Adobe InDesign.  This update
addresses a critical vulnerability. Successful exploitation could lead
to arbitrary code execution in the context of the current user.


Affected versions

Product             Affected version              Platform
Adobe InDesign      15.1.2 and earlier versions   Windows


Solution

Adobe categorizes these updates with the following priority rating and
recommends users update their software installations via the Creative
Cloud desktop app updater, or by navigating to the InDesign Help menu
and clicking "Updates." For more information, please reference this help
page.


Product    Updated version     Platform    Priority rating  Availability
Adobe InDesign 	16.0	Windows and macOS 	3 	   Release Note 

For managed environments, IT administrators can use the Creative Cloud
Packager to create deployment packages. Refer to this help page for more
information.


Vulnerability Details

Vulnerability Category 	 Vulnerability Impact 	Severity    CVE Number
Memory Corruption     Arbitrary Code Execution 	Critical  CVE-2020-24421


Acknowledgments

Adobe would like to thank Kexu Wang of Fortinet's FortiGuard Labs for
reporting this issue and for working with Adobe to help protect our
customers. 


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================