Security updates available for Creative Cloud Desktop Application | APSB18-20
Bulletin ID Date Published Priority
APSB18-20 August 14, 2018 3

Summary

Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows.  This update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation (CVE-2018-5003).

Affected versions

Product Affected version Platform
Creative Cloud Desktop Application (installer)

4.5.0.324 and earlier versions

Windows

To check the version of the Adobe Creative Cloud desktop app:

  1. Launch the Creative Cloud desktop app and sign in with your Adobe ID
  2. Click the gear icon and choose Preferences > General

Solution

Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:

Product Updated version Platform Priority rating Availability
Creative Cloud Desktop Application (installer) 4.5.5.342 Windows  3 Download Center

The latest Creative Cloud Desktop App installer can also be downloaded from the Download Center

Vulnerability Details

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading (DLL hijacking) Privilege Escalation Important CVE-2018-5003

Acknowledgments

Adobe would like to thank the following individual for reporting the relevant issues and for working with Adobe to help protect our customers: 

  • Alec Blance (CVE-2018-5003)