Yesterday Adobe released security updates for two critical code execution vulnerabilities affecting Windows and macOS versions of Photoshop CC.
Adobe released updates to address two critical code executions flaws that affect Photoshop for Windows and macOS versions of Photoshop CC.
The vulnerabilities, tracked as CVE-2018-12810 and CVE-2018-12811, are memory corruption issues that could be exploited by a remote attacker to execute arbitrary code in the context of the targeted user.
“Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve critical vulnerabilities in Photoshop CC 19.1.5 and earlier 19.x versions, as well as 18.1.5 and earlier 18.x versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.” reads the security advisory published by Adobe.
Adobe addressed both flaws with the release of versions 19.1.6 and 18.1.6.
The vulnerabilities affect Photoshop CC 2018 version 19.1.5 and earlier 19.x versions, and Photoshop CC 2017 18.1.5 and earlier 18.x versions.
The Adobe Patch Tuesday for August 2018 addressed a total of 11 vulnerabilities in Flash Player, the Creative Cloud Desktop Application, Experience Manager, and Acrobat and Reader.
None of the patched vulnerabilities been exploited by attackers in the wild.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.