Copy link to clipboard
Copied
We are experiencing the same. node.exe version 8.11.1 is listed as End of Support with 11 vulnerabilities.
Node.js website specifies version 16 as the latest stable version.
This needs to be updated by Adobe asap.
C:\Program Files\Adobe\Adobe Photoshop 2021\node.exe
HI
I went on support with the Adobe Engineer. He said that the node.exe in photoshop was indeed out of date. He will have it updated on the next photoshop update.
He did suggest copying the node file from C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\ and pasting it into photoshop and replacing it (backing up the old node file first).
This is something you do at your own risk, I will wait for the next update.
🙂
Copy link to clipboard
Copied
Have you told Microsoft so they can fix this false positive? You seem to be jumping ahead from a report to a definite.
Copy link to clipboard
Copied
We are experiencing the same. node.exe version 8.11.1 is listed as End of Support with 11 vulnerabilities.
Node.js website specifies version 16 as the latest stable version.
This needs to be updated by Adobe asap.
C:\Program Files\Adobe\Adobe Photoshop 2021\node.exe
Copy link to clipboard
Copied
I don't know if it is a false positive. I saw on the forum previous instances of the nodejs being out of date and been vulnerable.
Copy link to clipboard
Copied
Being out of date, and being vulnerable are not the same thing at all. You need to read the specific details of the vulnerability to see if it is applicable. For example, node.js might be used only to show pages from Adobe's signin page. The vulnerability might exist if serving pages from a site hosting malware. No vulnerability.
Copy link to clipboard
Copied
Copy link to clipboard
Copied
I'm not going to read all that, I was suggesting that you do the research. But to come back to your original question do we know WHETHER this will be patched (and when)? No, we do not.
Copy link to clipboard
Copied
Jumping to the conclusion that this is a false positive i find to be somewhat cavilier M8, expecialy in this current year
Copy link to clipboard
Copied
Then perhaps you'd better report it to Adobe. Posting here you just get the opinions, informed or nonsense, of other Adobe customers.
Copy link to clipboard
Copied
Did you actualy read the above? He did report it. Im more commenting on your 'conclusion' that this is a false positive. Looking at your post history, all i see from you is toxic replies to genuine questions.
Copy link to clipboard
Copied
We have the same question. In reading past posts regarding Node.exe, It would be helpfull of Adobe was more proactive about fixing vunerabilities in third products bundled with their product.
Version of Photoshop is current, 22.4.1
Version of NodeJS is 8.11.1.0 which A) is an EOS version and B) with exploits avalible
C:\Program Files\Adobe\Adobe Photoshop 2021\node.exe
Copy link to clipboard
Copied
HI
I went on support with the Adobe Engineer. He said that the node.exe in photoshop was indeed out of date. He will have it updated on the next photoshop update.
He did suggest copying the node file from C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\ and pasting it into photoshop and replacing it (backing up the old node file first).
This is something you do at your own risk, I will wait for the next update.
🙂
Copy link to clipboard
Copied
Another one I found, in dream weaver
Adobe\Adobe Dreamweaver 2021\node\node.exe
the version of node is listed as 6.17.1
this is quite out of date