Adobe released security refresh prior to two basic remote code execution vulnerabilities affecting Adobe Photoshop CC for Microsoft Windows and Apple macOS systems.
As indicated by the security research by Adobe, its Photoshop CC suite is powerless against two basic memory corruption vulnerabilities, which could enable a hacker to execute code with the focused on the software user/client. The vulnerabilities: CVE-2018-12810 and CVE-2018-12811, affect Adobe Photoshop CC 2018 version 19.1.5 and earlier 19.x versions, Adobe Photoshop CC 2017 version 18.1.5 and 18.x versions are also affected.
The critical security flaws were discovered and reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs, and have now been addressed by Adobe with the release of Photoshop CC versions 19.1.6 and 18.1.6. These RCE vulnerabilities were not part of August 2018 security patch updates released by the adobe last week to fix 11 vulnerabilities in its various softwares.
Just two of the security bugs fixed in the current month’s updates were considered non-severe in seriousness, while it appears that none of the vulnerabilities have been exploited by criminals.
More insights about the these RCE vulnerabilities are not accessible right now.