Bulletin ID
Last updated on
16 May 2021
Security updates available for Adobe Photoshop CC | APSB17-34
|
|
Date Published |
Priority |
|---|---|---|
|
APSB17-34 |
November 14, 2017 |
3 |
Summary
Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve critical vulnerabilities that could lead to code execution.
Affected software versions
|
Product |
Affected version |
Platform |
|
Photoshop CC 2017 |
18.1.1 (2017.1.1) and earlier versions |
Windows and Macintosh |
Solution
Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.
|
Product |
Updated versions |
Platform |
Priority rating |
|
Photoshop CC 2018 |
19.0 (2018.0) |
Windows and Macintosh |
3 |
|
Photoshop CC 2017 |
18.1.2 (2017.1.2) |
Windows and Macintosh |
3 |
Note:
For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
|---|---|---|---|
|
Memory Corruption |
Remote code execution |
Critical |
CVE-2017-11303 |
|
Use after free |
Remote code execution |
Critical |
CVE-2017-11304 |
Acknowledgments
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
- Honggang Ren of Fortinet's FortiGuard Labs (CVE-2017-11303)
- TrendyTofu working with Trend Micro's Zero Day Initiative (CVE-2017-11304)