Adobe today posted an out of band updates for two critical memory corruption vulnerabilities in Photoshop.
The problems impact Photoshop CC 2018 versions 19.1.5 and earlier along with Photoshop CC 2017 versions 18.1.5 and earlier for Windows and macOS. The memory corruption vulnerabilities, CVE-2018-12810 and CVE-2018-12811, can lead to remote code execution in the context of the current user, the company said in its advisory.
Adobe is recommending users immediately update to versions Photoshop CC 2018 version 19.1.6 and Photoshop CC 2017 version 18.1.6.
Earlier this month on Patch Tuesday, Adobe issued patches for a variety of flaws in Acrobat and Reader, Flash Player, Experience Manager, and the Cloud Desktop Application, collectively fixing 11 vulnerabilities, two of them critical.
