Copy link to clipboard
Copied
QID 372504 detection logic states that DigitalEditions.exe version 4.5.11 is vulnerable to APSB20-23. However the most recent update available on the ADE download site, 4.5.11.187303 does not update the main executable's file version (still just 4.5.11) so Qualys is still detecting the old vuln even with the new software installed. Are there any new software releases coming that will update the DigitalEditions.exe file version?
Copy link to clipboard
Copied
Adobe just released a new version of ADE (4.5.12) and after many years, this time it is a minor version upgrade instead of a build version upgrade. They did this specifically to address the issue that asset management and vulnerability management tools were not able to correctly detect the installed version because in the past the installer was not correctly setting the required registry keys. The download page with the new build is at ADOBE DIGITAL EDITIONS Download - https://www.adobe.com/