Adobe Issues Emergency Patches for Critical Flaws in Photoshop CC


Adobe Issues Emergency Patches for Critical Flaws in Photoshop CC

Adobe released an out-of-band security update earlier today to address two critical remote code execution vulnerabilities impacting Adobe Photoshop CC for Microsoft Windows and Apple macOS machines.

According to the security advisory published Wednesday by Adobe, its Photoshop CC software is vulnerable to two critical memory corruption vulnerabilities, which could allow a remote attacker to execute arbitrary code in the context of the targeted user.

The vulnerabilities, identified as CVE-2018-12810 and CVE-2018-12811, impact Adobe Photoshop CC 2018 version 19.1.5 and earlier 19.x versions, as well as Adobe Photoshop CC 2017 version 18.1.5 and earlier 18.x versions.

The critical security flaws were discovered and reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs, and have now been addressed by Adobe with the release of Photoshop CC versions 19.1.6 and 18.1.6.

It should be noted that these RCE vulnerabilities were not part of August 2018 security patch updates released by the company last week to address a total of 11 security flaws in its Flash Player, Acrobat and Reader, Experience Manager, and Creative Cloud.

However, only two of the security bugs patched in this month’s update were deemed critical in severity, while none of the flaws have been exploited in the wild.

Although the newly patched RCE flaws have been assigned a “critical” severity rating, they have been given a priority rating of 3, which also suggests that the flaws have not been targeted by malicious actors in the wild.

More details about the critical RCE vulnerabilities are not available at the moment.
However, users and administrators using Adobe Photoshop CC software are strongly recommended to download and install the latest security patches as soon as possible.

Have something to say about this article? Comment below or share it with us on FacebookTwitter or our LinkedIn Group.

About the author

cyberonesol administrator

Cyber One Solutions is a Managed Security and IT Services Provider headquartered in Houston Texas. Since our inception, Cyber One Solutions has helped businesses of all sizes turn their IT into an unfair competitive advantage. We've been helping companies and organizations alike tackle their complex IT challenges through our unique approach to comprehensive technology management and consultancy services, as well as a commitment to excellence in customer service. We are one of the nation's leading Managed Service Providers with a deep bench o certified technical engineers and IT support staff ready to provide technology management and consultancy services to help businesses continue to grow and thrive.

You must be logged in to post a comment.

%d bloggers like this: