Skip to main content
M
Marewan5CDA
Participant
June 14, 2024
Question

Vulnerability within photoshop

  • June 14, 2024
  • 13 replies
  • 15030 views

Defender detects vulnerabilities in Artifex Gpl Ghostscript  the evidence shows that this has to do with C:\Program Files\Adobe\Adobe Photoshop 2024\convert.exe, this is within photoshop. Anyone else having this or is there any update how we can resolve this vulnerability ?

 

Thanks 

    13 replies

    Show previous replies
    E
    Ed38104830l4m0
    Participating Frequently
    June 18, 2024

    Just to add we're seeing this too. Also applies to Photoshop 2023 and 2022. 

      A
      AdrianScott-WWFUK
      Participating Frequently
      June 17, 2024

      We too are seeing this vulnerability, however, we use Adobe Remote Update Manager (RUM) on all our machines with Adobe Creative Cloud apps installed, those that have run RUM have updated to the latest security release for Adobe Photoshop (25.9.1.626) released on the 11th June 2024 (see: https://helpx.adobe.com/security/products/photoshop/apsb24-27.html)
      N.B. From my clients, it appears that all devices with a version older than 25.9.1.626 appear to be affected by the GPL PostScript vulnerability, so my suggestion is update all your Adobe Photoshop installs to the latest security fix.
      I'm off to nudge the remaining machines that have not yet updated 😉

      A
      AdrianScott-WWFUK
      Participating Frequently
      June 17, 2024

      Ignore my post above - Unfortunately, it was a co-incidence that all older versions were affected.

      Microsoft Defender for Endpoint if flagging that this is affecting all installs.

      Adobe - Please Fix!

      M
      Marewan5CDAAuthor
      Participant
      June 17, 2024

      @AdrianScott-WWFUK i was about to reply on it :). We are already using the CC

        Ged_Traynor
        Community Expert
        Ged_TraynorCommunity Expert
        Community Expert
        June 14, 2024

        @Marewan5CDA I'd imagine it's a false positive, Virus Total shows that it's safe, and I scanned it with Bitdefender and again no issues

        https://www.virustotal.com/gui/file/f2eb6b70203d9f6b5073b7c88f393fd7091d5a34ccc1d85eec83dfad0cbb0ac4

         

          C
          Craig380500061tjb
          Participant
          June 14, 2024

          We are having the same issue with a Windows 10 device running Phostoshop that has been updated to the latest version.

          The convert.exe file itself is not malicious which is what BitDefender and Virus Total check for.

           

          The issue is that Defender is detecting the version number 6.9.9.0 which has a known critical vulnerability CVE-2018-18284 which is "Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator." The following is what Defender is signalling on

           

          Windows1010.0.19045.4412x64artifexgpl_ghostscript6.9.9.0CVE-2018-18284Critical

           

          Since this file is installed as part of PhotoShop, Adobe needs to update it. The latest release is Ghostscript 10.03.1 (2024-05-02). When will Adobe update?

            C
            Chris37073256sizk
            Participant
            June 17, 2024

            Could there be a chance Defender Vulnerability Management is incorrectly picking up the version of Ghostscript? We have the same issue on two fresh installs of Photoshop.

              Terms & ConditionsAccessibility statement
              Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices