Adobe Security Bulletin
Security updates available for Creative Cloud Desktop Application | APSB18-32
Bulletin ID Date Published Priority
APSB18-32 August 28, 2018 2

Summary

Adobe has released a security update for the Creative Cloud Desktop Application for Windows and macOS.  This update resolves an important vulnerability (CVE-2018-12829) that could lead to privilege escalation.

Affected versions

Product Affected version Platform
Creative Cloud Desktop Application

4.6.0 and earlier versions

Windows & macOS

To check the version of the Adobe Creative Cloud desktop app:

  1. Launch the Creative Cloud desktop app and sign in with your Adobe ID
  2. Click the gear icon and choose Preferences > General

Solution

Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:

Product Updated version Platform Priority rating Availability
Creative Cloud Desktop Application 4.6.1 Windows & macOS
2
Download Center

The latest Creative Cloud Desktop App installer can be downloaded from the Download Center. For more information, please reference this help Page.

Vulnerability Details

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Improper Certificate Validation Privilege Escalation Important CVE-2018-12829

Acknowledgments

Adobe would like to thank Chi Chou of AntFinancial LightYear Labs (CVE-2018-12829) for reporting this issue and for working with Adobe to help protect our customers.