Adobe Security Bulletin

Security updates available for Adobe Photoshop CC | APSB17-34

Bulletin ID

Date Published

Priority

APSB17-34

November 14, 2017

3

Summary

Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve critical vulnerabilities that could lead to code execution. 

Affected software versions

Product

Affected version

Platform

Photoshop CC 2017

18.1.1 (2017.1.1) and earlier versions

Windows and Macintosh

Solution

Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.

Product

Updated versions

Platform

Priority rating

Photoshop CC 2018

19.0 (2018.0)

Windows and Macintosh

3

Photoshop CC 2017

18.1.2 (2017.1.2)

Windows and Macintosh

3

Note:

For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager. 

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Memory Corruption

Remote code execution

Critical

CVE-2017-11303

Use after free

Remote code execution

Critical

CVE-2017-11304

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

  • Honggang Ren of Fortinet's FortiGuard Labs (CVE-2017-11303)
  • TrendyTofu working with Trend Micro's Zero Day Initiative (CVE-2017-11304)

 Adobe

Get help faster and easier

New user?