Adobe Security Bulletin

Security update available for Adobe Creative Cloud Desktop Application | APSB20-68

Bulletin ID	Date Published	Priority
ASPB20-68	October 20, 2020	3

Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows.  This update resolves a critical vulnerability in the installer that could lead to arbitrary code execution. 

Product	Affected version	Platform
Creative Cloud Desktop Application (old installer)	5.2 and earlier version	Windows
Creative Cloud Desktop Application (new installer)	2.1 and earlier versions	Windows

Note:

To check the version of the Adobe Creative Cloud desktop application installer:  

Visit Properties”>”Details” on Windows or “Get Info” on Mac to view the installer version

Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:

Product	Updated version	Platform	Priority rating	Availability
Creative Cloud Desktop Application (old installer)	5.3	Windows	3	Download Center
Creative Cloud Desktop Application (new installer)	2.2	Windows	3	Download Center

The latest Creative Cloud Desktop App installer can be downloaded from the Download Center.

Vulnerability Category	Vulnerability Impact	Severity	CVE Numbers
Uncontrolled Search Path	Arbitrary Code Execution	Critical	CVE-2020-24422

Adobe would like to thank Dhiraj Mishra (@RandomDhiraj) for reporting this issue and for working with Adobe to help protect our customers.

Adobe Security Bulletin

Summary

Affected versions

Solution

Vulnerability Details

Acknowledgments

Ask the Community

Contact Us