Photoshop Security: Update to Fix Two Critical Flaws

Yesterday was the second Tuesday in April. And, as usual, many companies, such as Microsoft and Adobe, have taken the opportunity to launch security patches for their software products with which to correct all kinds of detected vulnerabilities and protect users. After Microsoft, with its new cumulative patches for Windows, it has been Adobe who has taken the opportunity to release patches for their products. And, if you use Photoshop , you should consider updating as soon as possible if you do not want to be in danger.

The code execution security flaws (RCE, Remote Code Execution) are the most dangerous that we can find in any software. These types of security flaws allow an attacker to use an exploit to execute code in system memory through the vulnerable program. The code that they are trying to execute can be of any type, and allow everything from configuring the system and taking control of it to installing and loading malware on the PC.

Photoshop Security: Update to Fix Two Critical Flaws

Update Photoshop to fix two code execution glitches

Adobe has just released a new version of Photoshop focused especially on correcting two security flaws detected by ADLab. These two flaws, logged as CVE-2021-28548 and CVE-2021-28549 , are of the Buffer Overflow type, and can allow an attacker to execute code in the operating system without user permission.

These security flaws can be exploited in different ways. Just by having the program open, an exploit could take control of the process and get the code executed. Or we can receive a modified project that allows us to take advantage of these failures as well.

Adobe parche Photoshop abril 2021

Photoshop, like other Adobe programs, updates automatically through the Creative Cloud client. If we have automatic updates activated, we will receive the new version without having to do anything else. Otherwise, we will have to find updates by hand and install them to protect ourselves. The versions that protect us from these two vulnerabilities are:

  • Photoshop 2021 : 22.3.1
  • Photoshop 2020: 21.2.7

Another program of the company that has also received its share of patches has been Adobe Bridge . The company has taken advantage of these patches to fix 4 critical code execution flaws and two major vulnerabilities. Additionally, Adobe has also updated Digital Editions and RoboHelp to fix a critical and a major vulnerability respectively.

Did you download Photoshop from the internet? Be careful, it may have malware

Photoshop does not stand out for being a precisely cheap program. For this reason, there are many users who, instead of paying for the license, decide to download the program, with an activator, from the Internet. Adobe programs are one of the most downloaded (along with Windows and Office) illegally. And while Adobe doesn’t take this very seriously (as it doesn’t put many measures in place to prevent its illegal activation either), hackers do take advantage of it.

The security firm Bitdefender has just detected new threats hidden in many of the latest versions of Photoshop and Office activators. The seemingly harmless activators hide a Trojan that allows hackers to steal our passwords, access our files and steal the cryptocurrencies that we keep on our PC. Furthermore, this Trojan has been going unnoticed for months, so not even the best antivirus is capable of detecting it.