There has been a vulnerability announced for this that my company now needs to start patching.
See details below:
Title: Security update available for the Creative Cloud Desktop Application (APSB16-21) Tracking ID:
Reported Date/Time: 14 Jun 2016 21:16:00 UTC Risk: 4 Audience: Core Members, Analysts, Basic Members, FSISAC Customer Service, MSP Members, Premier Members, Standard Members Special Handling: None Handling Instructions: None: There are no additional special handling instructions. Summary: Adobe has released a security update for the Creative Cloud Desktop Application for Windows. Business Impact: Arbitrary Code Execution Enumeration Vulnerability Severity: 2 - Minimal Impact (Normal) Urgency: 2 - Action Recommended Credibility: 5-Verified Vendor(s): Adobe Product(s):
Description: CVE-2016-4157 This update resolves a vulnerability in the directory search path used to find resources that could lead to code execution.
CVE-2016-4158 This update resolves an unquoted service path enumeration vulnerability in the Creative Cloud Desktop Application.
Adobe categorizes this update with the following priority rating: Priority 3: This update resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.