Adobe has announced two critical security vulnerabilities (opens in new tab) in Adobe Photoshop CC 2017 and 2018.
According to the company, these are vulnerabilities that "would allow malicious native-code to execute, potentially without a user being aware." This kind of flaws leave your computer exposed, providing access by malicious third parties who could run code in your computer to gain control over it.
The problems, discovered by Fortinet's FortiGuard Labs cybersecurity expert Kushal Arvind Shah, affect both Windows and macOS versions of Photoshop 19.1.5 and earlier as well as 18.1.5 and earlier. The pixel-pushing company hasn't released any particular details, except to say that the software has "memory corruption" issues that "allow remote code execution" -- i.e., network-based attacks -- without users noticing it.
Adobe claims that these are "type 3" vulnerabilities (opens in new tab). This means that these gaps have been discovered "in a product that has historically not been a target for attackers" as opposed to a vulnerability that is being actively exploited by attackers. In other words, most likely you are not at immediate risk.
That doesn’t mean you shouldn't update Photoshop as soon as possible. Adobe has already released an update (opens in new tab) that closes the opening, bringing Photoshop CC 2017 and CC 2018 to versions 18.1.6 and 19.1.6, respectively.
If you are legally using Photoshop, make sure to go the Adobe Cloud CC control panel and update it. If you are using a pirated copy of Photoshop, we can't help you.