Bulletin ID
Security updates available for Adobe Photoshop CC | APSB18-17
|
Date Published |
Priority |
---|---|---|
APSB18-17 |
May 14, 2018 |
3 |
Summary
Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve a critical vulnerability in Photoshop CC 19.1.3 and earlier 19.x versions, as well as 18.1.3 and earlier 18.x versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions
Product |
Affected version |
Platform |
Photoshop CC 2018 |
19.1.3 and earlier |
Windows and macOS |
Photoshop CC 2017 |
18.1.3 and earlier |
macOS |
Photoshop CC 2017 |
18.1.2 and earlier |
Windows |
Solution
Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.
Product |
Updated versions |
Platform |
Photoshop CC 2018 |
19.1.4 |
Windows and macOS |
Photoshop CC 2017 |
18.1.4 |
Windows and macOS |
For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager.
Vulnerability details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
---|---|---|---|
Out-of-bounds write |
Remote Code Execution |
Critical |
CVE-2018-4946 |
Acknowledgments
Adobe would like to thank Giwan Go working with Trend Micro's Zero Day Initiative (CVE-2018-4946) for reporting the relevant issues and for working with Adobe to help protect our customers.