Skip to main content
D
dean25141453w6bs
New Participant
July 11, 2022
Question

Adobe Bridge: Fix unquoted service path for Windows services

  • July 11, 2022
  • 1 reply
  • 692 views

Hi

 

Endpoint manager and our defender enterprise has flagged the following security vulnerability with our adobe bridge enterprise installs

 

An attacker can exploit this misconfiguration in order to perform path interception to gain escalation of privileges and persistency on the machine.

Service Path
C:\Program Files\WindowsApps\Adobe-Bridge-022_1.0.0.0_x64__enb9d4674ppy2\VFS\ProgramFilesCommonX86\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

 

We had a few other scan messages on other older applications and i used the guide here to fix them using powershell

 

https://www.techiessphere.com/2017/06/how-to-fix-unquoted-service-path-vulnerability.html

 

However the folder path where the adobeupdateservice.exe lives is a protected folder and i cant see to be able to write to it to fix the vulnerability

 

Any ideas?

 

Thanks

 

This topic has been closed for replies.

1 reply

L
Lumigraphics
Brainiac
July 11, 2022

Report this to Adobe's security team, not here.

D
dean25141453w6bsAuthor
New Participant
July 11, 2022

Have you got an email address for them spoke to 4 different "agents" trying to explain the above without any success

L
Lumigraphics
Brainiac
July 12, 2022

https://helpx.adobe.com/security/alertus.html

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices