Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Adobe has backpedelled and patched a critical buffer overflow vulnerability affecting Photoshop, Flash Professional and Illustrator.
The software giant initially refused to issue emergency patches and instead demanded users shell out some $200 to upgrade products to its latest Creative Suite line which was unaffected.
The vulnerabilities (CVE-2012-0778, CVE-2012-2028 CVE-2012-2026) affected Windows and Mac platforms and allowed attackers to hijack systems if victims executed a malicious TIF file within the Adobe products.
Adobe reasoned that the likelihood that this would happen was low. Photoshop wasn't on the radar of attackers, it said, so concerned users should exercise due diligence.
“Adobe is not aware of any attacks exploiting this vulnerability,” Adobe said in its security bulletin.
Security experts quickly disagreed. Sophos scribe Graham Cluely hit out at Adobe and labelled the affair a “PR disaster for the company”.
”Maybe Adobe customers who feel nervous opening .TIF files will judge the level of risk for themselves, and prefer to seek alternatives from companies that take better care of their users.”
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
