Adobe Security Bulletin

Security updates available for Creative Cloud Desktop Application | APSB18-20

Bulletin ID	Date Published	Priority
APSB18-20	August 14, 2018	3

Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows. This update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation (CVE-2018-5003).

Product	Affected version	Platform
Creative Cloud Desktop Application (installer)	4.5.0.324 and earlier versions	Windows

To check the version of the Adobe Creative Cloud desktop app:

Launch the Creative Cloud desktop app and sign in with your Adobe ID
Click the gear icon and choose Preferences > General

Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:

Product	Updated version	Platform	Priority rating	Availability
Creative Cloud Desktop Application (installer)	4.5.5.342	Windows	3	Download Center

The latest Creative Cloud Desktop App installer can also be downloaded from the Download Center.

Vulnerability Category	Vulnerability Impact	Severity	CVE Numbers
Insecure Library Loading (DLL hijacking)	Privilege Escalation	Important	CVE-2018-5003

Adobe would like to thank the following individual for reporting the relevant issues and for working with Adobe to help protect our customers:

Alec Blance (CVE-2018-5003)

Adobe Security Bulletin

Summary

Affected versions

Solution

Vulnerability Details

Acknowledgments

Ask the Community

Contact Us