Adobe Security Bulletin

Security updates available for Adobe Photoshop CC | APSB19-56

Bulletin ID	Date Published	Priority
APSB19-56	December 10, 2019	3

Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve multiple critical vulnerabilities.  Successful exploitation could lead to arbitrary code execution in the context of the current user. 

Product	Affected version	Platform
Photoshop CC	20.0.7 and earlier	Windows and macOS
Photoshop CC	21.0.1 and earlier	Windows and macOS

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app’s update mechanism. For more information, please reference this help page.

Product	Updated versions	Platform	Priority
Photoshop CC	20.0.8	Windows and macOS	3
Photoshop CC	21.0.2	Windows and macOS	3

Note:

For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information.

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Memory Corruption	Arbitrary code execution	Critical	CVE-2019-8253 CVE-2019-8254

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Memory Corruption

Arbitrary code execution

Critical

CVE-2019-8253

CVE-2019-8254

Adobe would like to thank Honggang Ren of Fortinet's FortiGuard Labs for reporting these issues and for working with Adobe to help protect our customers.

Adobe Security Bulletin

Summary

Affected Product Versions

Solution

Vulnerability details

Acknowledgments

Ask the Community

Contact Us