Skip to main content

If You Use Photoshop, Update Immediately

By August 27, 2018June 3rd, 2022Technology News

Do you use Photoshop? Does anyone who works for you use it?  If so, you’ll want to apply the latest security patch immediately.

Two new vulnerabilities were discovered after the release of Adobe’s regularly scheduled August 2018 security patch update. This prompted the company to take the unusual step of releasing an emergency, out-of-band update to correct the issue.

These two newly discovered vulnerabilities (tracked as CVE-2018-12810 and CVE-2018-12811) impact Adobe photoshop CC2017, v18.1.5 and earlier 18.x versions, and Adobe Photoshop CC 2018, v19.1.5 and earlier 19.x versions.

It was discovered and initially reported by Kushal Arvind Shah, a security researcher with FortiGuard Labs. The vulnerabilities allow hackers to exploit a pair of critical memory corruption flaws, which allows a them to remotely execute malicious code on the target user’s machine.

Again, it must be stressed that neither of these issues were addressed by the company’s regularly scheduled patch update released earlier this month. Although if you haven’t yet applied that patch, you should.  It addresses a total of eleven different security flaws spread across a number of the company’s products including: Flash Player, Acrobat, Reader, Experience Manager and Creative Cloud.

To get the fix for the Photoshop vulnerabilities, you’ll need to go to the company’s website and download the out of band patch designed specifically to address this issue.

It should be noted that both issues, while having been assigned a severity rating of “Critical,” have only been given a priority rating of three. This suggests that these flaws have not been exploited in the wild. That, however, is simply a matter of time.  If members of your creative team employ Photoshop to generate graphics for your business, applying the latest patch should be a top priority.  To do anything less is to invite an attack against your business.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.