Release date: April 12, 2016
Vulnerability identifier: APSB16-11
CVE number: CVE-2016-1034
Platform: Windows and Macintosh
Adobe has released a security update for the Creative Cloud Desktop Application for Windows and Macintosh. This update resolves an important vulnerability in the Sync Process for Creative Cloud Libraries that could be abused to remotely read and write files on the client’s file system.
|Creative Cloud Desktop Application||Creative Cloud 18.104.22.168 or earlier||Windows and Macintosh|
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:
|Product||Updated version||Platform||Priority rating|
|Creative Cloud Desktop Application||Creative Cloud 22.214.171.124||Windows and Macintosh||2
Creative Cloud users can apply the update via the application's update mechanism. For more details, visit https://www.adobe.com/creativecloud/desktop-app.html.
For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages as described in the workflow documented here.
Refer to this help page for more information on the Creative Cloud Packager.