Patch/Configuration Management, Vulnerability Management

Adobe issues third security update for August


Adobe issued its third security update of the month today, this time issuing a patch for a Creative Cloud Desktop Application vulnerability that could lead to privilege escalation.

Rated as important, the flaw, CVE-2018-12829, is due to an improper certificate validation in application versions 4.6.0 and earlier for Windows and macOS. While the vulnerability has not been exploited in the wild, Adobe said it is aware of a proof-of-concept code.

The company recommends users immediately download the update and it thanked Chi Chou of AntFinancial LightYear Labs for reporting these issues.

This is the second out-of-band security update issued by Adobe this month. On August 22, it pushed out critical updates for Photoshop CC, and this followed the traditional Patch Tuesday update that took place on August 14.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.