Memory corruption bugs lead to remote code execution
Adobe says there's a critical flaw in its Photoshop Creative Cloud software for Windows and macOS that can be exploited by malicious files to hijack systems. The unscheduled update fixes up critical memory corruption bugs discovered by Fortinet's Kushal Arvind Shah, both of which leave vulnerable systems open to remote code execution (RCE). Opening a specially crafted file in a vulnerable Photoshop version will trigger the execute of code smuggled into the images. The RCE is “in the context of...