Posted on Leave a comment

Adobe Fixes Two Critical Photoshop Vulnerabilities.

Adobe has released updates for photoshop(APSB21-68)for windows and macos. These updates resolve multiple critical vulnerabilities which could lead to successful exploitation of arbitrary code execution in the context of the current user.    

Adobe photoshop is a software application for image editing and photo retouching for use on windows or macos computers. Photoshop offers users the ability to create, enhance, or otherwise edit images, artwork, and illustrations.

Adobe Photoshop 2021 system requirements on Windows & Mac – Plain Memory

The two critical vulnerabilities :

CVE-2021-36065 – Heap-based buffer overflow (CWE-122)  and  CVE-2021-6066 – Out-of-bounds write (CWE-787) could lead to critical arbitrary code execution in the user’s system.

Arbitrary code execution, or ACE, Vulnerabilities provide an adversary a platform to quickly execute additional code or applications on a target system, opening the door to lateral movement or quick exfiltration of system data.

Photoshop 2020, 21.2.10 and earlier versions and photoshop 2021, 22.4.3  and earlier versions of windows and macos are affected by these CVE.

Adobe recommends the users to update their software by installing the new versions 21.2.11 and 22.5 having severity 3 as priority which means it resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.

–-For more Cyber security write-ups in crisp content . Please follow our site via twitter handle @cyberworkx1

Leave a Reply