Adobe Issues Security Bulletins for Bridge and Illustrator
Adobe published security bulletins for Adobe Bridge (APSB26-39) and Adobe Illustrator (APSB26-42), disclosing product-specific security updates for the two creative applications. The advisories were released through Adobe's product security bulletin channel and indicate that both products received fixes intended to address security issues.
The notices provide separate tracking identifiers for each application, signaling distinct remediation guidance for Bridge and Illustrator users and administrators. Organizations using either product should review the relevant Adobe bulletin, identify affected versions, and prioritize deployment of the vendor-provided updates across managed endpoints.
Timeline
Apr 14, 2026
Adobe publishes Illustrator security bulletin APSB26-42
Adobe released security bulletin APSB26-42 for Adobe Illustrator. No additional incident or exploitation details are provided in the reference.
Apr 14, 2026
Adobe publishes DNG SDK security bulletin APSB26-41
Adobe released security bulletin APSB26-41 for DNG SDK. No additional incident or exploitation details are provided in the reference.
Apr 14, 2026
Adobe publishes Bridge security bulletin APSB26-39
Adobe released security bulletin APSB26-39 for Adobe Bridge. No additional incident or exploitation details are provided in the reference.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
Related Stories
Adobe Issues Security Bulletins for Acrobat and Photoshop
Adobe published security bulletins for **Acrobat** and **Photoshop**, identifying vulnerabilities in two widely deployed creative and document-processing products. The advisories, tracked as `APSB26-43` for Acrobat and `APSB26-40` for Photoshop, were released through Adobe's product security bulletin channel and signal that security updates are available for affected software. The coordinated disclosures indicate ongoing remediation across Adobe's desktop application portfolio, with organizations using Acrobat for PDF workflows and Photoshop for image editing advised to review the relevant bulletins and apply vendor-provided patches. Because both products are common in enterprise environments, defenders should prioritize update validation and deployment to reduce exposure from unpatched client-side software.
2 weeks ago
Adobe March 2026 Security Updates Across Multiple Products
Adobe published its March 2026 security advisories covering **multiple vulnerabilities** across a broad set of products, with impacts including **remote code execution (RCE)**, **elevation of privilege**, **cross-site scripting (XSS)**, **information disclosure**, **denial of service**, and **security restriction bypass**. Products called out include **Adobe Commerce** (including *Adobe Commerce B2B* and *Magento Open Source*), **Illustrator**, **Acrobat/Reader**, **Premiere Pro**, **Experience Manager (AEM)**, **Substance 3D Painter**, **Substance 3D Stager**, and the **Adobe DNG SDK**. The Hong Kong CERT bulletin characterized the overall risk level of the March release as **Medium**, listing eight medium-risk product advisories (e.g., `APSB26-05`, `APSB26-18`, `APSB26-24`, `APSB26-26`). Canada’s Cyber Centre alert (**AV26-215**) echoed the same advisory set and provided affected version ranges (e.g., *Illustrator 2025* prior to 29.8.4/30.1, *Acrobat/Reader DC* prior to 25.001.21265, *Premiere Pro* prior to 25.5, *AEM* Cloud Service and 6.5 LTS/6.5 SP23 and prior, and *DNG SDK* prior to 1.7.1 build 2471), urging organizations to review Adobe’s advisories and apply the required updates.
1 months ago
February 2026 Patch Tuesday Security Updates for Microsoft Windows and Adobe Products
Microsoft and Adobe released their **February 2026 Patch Tuesday** security updates, with Microsoft addressing **58 vulnerabilities** and reporting **six actively exploited zero-day flaws** as part of the month’s fixes. Microsoft also continued its rollout of **replacements for expiring Secure Boot certificates** and shipped the Windows 10 **KB5075912** Extended Security Update (ESU) for eligible systems (e.g., Windows 10 Enterprise LTSC and ESU-enrolled devices), updating builds to **19045.6937** (Windows 10) and **19044.6937** (LTSC 2021). In addition to security fixes, KB5075912 includes reliability remediation for an issue where some **Secure Launch-capable** PCs with **VSM** enabled could not shut down or hibernate after January 2026 security updates. Adobe published **nine security bulletins** covering **44 CVEs** across products including *After Effects, Audition, InDesign, Adobe Bridge, Lightroom Classic,* and multiple *Substance 3D* applications, with several issues rated **Critical** and potentially leading to **code execution** (notably in *After Effects* and *Substance 3D Stager*). Adobe stated that, at release time, none of the addressed vulnerabilities were listed as publicly known or under active attack, contrasting with Microsoft’s disclosure of in-the-wild exploitation for multiple zero-days in the same Patch Tuesday cycle.
1 months ago