Release date: April 11, 2017
Vulnerability identifier: APSB17-12
CVE number: CVE-2017-3004, CVE-2017-3005
Platform: Windows and Macintosh
Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve a critical memory corruption vulnerability when parsing malicious PCX files that could lead to code
execution (CVE-2017-3004). These updates also resolve an unquoted search path vulnerability in
Photoshop on Windows (CVE-2017-3005).
|Adobe Photoshop CC 2017||18.0.1 and earlier versions||Windows and Macintosh|
|Adobe Photoshop CC 2015.5||17.0.1 (2015.5.1) and earlier versions||Windows and Macintosh|
Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.
|Product||Updated version||Platform||Priority rating|
|Adobe Photoshop CC 2017||18.1||Windows and Macintosh||3|
|Adobe Photoshop CC 2015.5||17.0.2 (2015.5.2)||Windows and Macintosh||3|
For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager.
- These updates resolve a memory corruption vulnerability when parsing malicious PCX files that could lead to code execution (CVE-2017-3004).
- These updates resolve an unquoted search path vulnerability in Photoshop on Windows (CVE-2017-3005).