Adobe Security Bulletin

Security updates available for Adobe Photoshop CC | APSB17-34

Bulletin ID	Date Published	Priority
APSB17-34	November 14, 2017	3

Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve critical vulnerabilities that could lead to code execution.

Product	Affected version	Platform
Photoshop CC 2017	18.1.1 (2017.1.1) and earlier versions	Windows and Macintosh

Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.

Product	Updated versions	Platform	Priority rating
Photoshop CC 2018	19.0 (2018.0)	Windows and Macintosh	3
Photoshop CC 2017	18.1.2 (2017.1.2)	Windows and Macintosh	3

Note:

For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager.

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Memory Corruption	Remote code execution	Critical	CVE-2017-11303
Use after free	Remote code execution	Critical	CVE-2017-11304

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

Honggang Ren of Fortinet's FortiGuard Labs (CVE-2017-11303)
TrendyTofu working with Trend Micro's Zero Day Initiative (CVE-2017-11304)

Adobe Security Bulletin

Summary

Affected software versions

Solution

Vulnerability details

Acknowledgments

Ask the Community

Contact Us