Adobe Security Bulletin
Security updates available for Adobe Photoshop CC | APSB18-28
Bulletin ID Date Published Priority
APSB18-28 August 21, 2018 3

Summary

Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve critical vulnerabilities in Photoshop CC 19.1.5 and earlier 19.x versions, as well as 18.1.5 and earlier 18.x versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user.

Affected Product Versions

Product Affected version Platform
Photoshop CC 2018 19.1.5 and earlier Windows and macOS
Photoshop CC 2017 18.1.5 and earlier Windows and macOS

Solution

Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.

Product Updated versions Platform
Photoshop CC 2018 19.1.6 Windows and macOS
Photoshop CC 2017 18.1.6 Windows and macOS

Note:

For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager. 

Vulnerability details

Vulnerability Category Vulnerability Impact Severity CVE Number
Memory Corruption Remote Code Execution Critical CVE-2018-12810
Memory Corruption Remote Code Execution Critical CVE-2018-12811

Acknowledgments

Adobe would like to thank Kushal Arvind Shah of Fortinet's FortiGuard Labs for reporting these issues and for working with Adobe to help protect our customers.