Adobe has released updates for photoshop(APSB21-68)for windows and macos. These updates resolve multiple critical vulnerabilities which could lead to successful exploitation of arbitrary code execution in the context of the current user.    

Adobe photoshop is a software application for image editing and photo retouching for use on windows or macos computers. Photoshop offers users the ability to create, enhance, or otherwise edit images, artwork, and illustrations.

Adobe Photoshop 2021 system requirements on Windows & Mac – Plain Memory

The two critical vulnerabilities :

CVE-2021-36065 – Heap-based buffer overflow (CWE-122)  and  CVE-2021-6066 – Out-of-bounds write (CWE-787) could lead to critical arbitrary code execution in the user’s system.

Arbitrary code execution, or ACE, Vulnerabilities provide an adversary a platform to quickly execute additional code or applications on a target system, opening the door to lateral movement or quick exfiltration of system data.

Photoshop 2020, 21.2.10 and earlier versions and photoshop 2021, 22.4.3  and earlier versions of windows and macos are affected by these CVE.

Adobe recommends the users to update their software by installing the new versions 21.2.11 and 22.5 having severity 3 as priority which means it resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.

–-For more Cyber security write-ups in crisp content . Please follow our site via twitter handle @cyberworkx1

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s