Adobe issued its third security update of the month today, this time issuing a patch for a Creative Cloud Desktop Application vulnerability that could lead to privilege escalation.
Rated as important, the flaw, CVE-2018-12829, is due to an improper certificate validation in application versions 4.6.0 and earlier for Windows and macOS. While the vulnerability has not been exploited in the wild, Adobe said it is aware of a proof-of-concept code.
The company recommends users immediately download the update and it thanked Chi Chou of AntFinancial LightYear Labs for reporting these issues.
This is the second out-of-band security update issued by Adobe this month. On 22 August, it pushed out critical updates for Photoshop CC, and this followed the traditional Patch Tuesday update that took place on 14 August.