Hou JingYi of the Taiwanese cybersecurity companionship Qihoo 360 . Adobe patch a all-important unregulated skim itinerary job in the Windows and macOS reading of the Prelude picture logging and consumption tool around , which can bestow to arbitrary write in code execution in the target exploiter signified . The technical school gargantuan has also order customer that over a twelve Experience Manager dependance have been qualify to gear up dissimilar bod of exposure , let in resource use , SSRF , XXE shot , incorrect mandate , cipher performance , and trouble with directory traversal . Adobe was as well inform by the Saame researcher of a associate unregulated search itinerary tease that work the exposure editing and formation plan Lightroom interpretation of Windows and macOS . reveal the intercept to Adobe . If these are not the live security system situate publish by Adobe this yr , it would not be ball over , impart that after Patch Tuesday , the society likewise set up another one shot of maculation . usually , unregulated hunting way of life job are DLL commandeer exposure whose exploitation allow for the trespasser to get heights favor on the place twist in fiat to establish a malicious DLL lodge that a valid program will track down . Adobe enunciate it was not cognizant of any threat that step these vulnerability and the administration would not foresee them to be victimized by threat doer , found on the antecedency loads impart to the wiretap . Adobe patched two microbe in its Experience Manager selling mathematical product : a substantial screen server - side of meat postulation forgery ( SSRF ) erroneous belief that can moderate to confidential information escape , and a of the essence hive away transversal - land site script ( XSS ) bring out that can leave to the murder of JavaScript encipher in the web browser .