Copy link to clipboard
Copied
Hi
Endpoint manager and our defender enterprise has flagged the following security vulnerability with our adobe bridge enterprise installs
An attacker can exploit this misconfiguration in order to perform path interception to gain escalation of privileges and persistency on the machine.
Service Path
C:\Program Files\WindowsApps\Adobe-Bridge-022_1.0.0.0_x64__enb9d4674ppy2\VFS\ProgramFilesCommonX86\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
We had a few other scan messages on other older applications and i used the guide here to fix them using powershell
https://www.techiessphere.com/2017/06/how-to-fix-unquoted-service-path-vulnerability.html
However the folder path where the adobeupdateservice.exe lives is a protected folder and i cant see to be able to write to it to fix the vulnerability
Any ideas?
Thanks
Copy link to clipboard
Copied
Report this to Adobe's security team, not here.
Copy link to clipboard
Copied
Have you got an email address for them spoke to 4 different "agents" trying to explain the above without any success
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Theres no actual email address useful there - cant face another hour in chat trying to explain the issue - dont they have a support email
Copy link to clipboard
Copied
my bad will didnt check the bottom - thanks