April 21, 2014, 12:45:21 PM

Author Topic: Adobe backs down after PS, Flash and Illustrator 8 security flaws discovered  (Read 1206 times)

BobSanderson

  • Rebel T5i
  • ****
  • Posts: 127
    • View Profile
Quote
Late last week, Adobe set off a bit of a kerfuffle when it announced that three of its applications suffered from serious security flaws. They offered readers a simple fix: pay to upgrade to the latest version. Considering the latest version of the company's Creative Suite was less than a week old at the time, this represented both an extremely short period of support for the previous generation of software, and an extremely high price to fix a set of potential vulnerabilities. The move was widely panned by both security experts and Adobe customers.

In response to the negative press, the company has reversed course. On Friday, the company's security bulletins for Flash, Illustrator, and Photoshop were updated to indicate that the company is "in the process of resolving these vulnerabilities in Adobe Photoshop CS5.x, and will update this Security Bulletin once the patch is available." All of the vulnerabilities could potentially allow an attacker to arbitrarily execute code by corrupting memory. In the case of Photoshop, the application was vulnerable to maliciously crafted TIFF files.


There were more flaws than I originally reported...

http://arstechnica.com/uncategorized/2012/05/adobe-backs-down-will-secure-last-generation-of-apps/

http://www.macworld.com/article/1166779/adobe_will_issue_free_security_patches_for_high_profile_creative_suite_apps.html

http://www.computerworld.com/s/article/9227119/Adobe_backpedals_will_now_patch_software_for_free

« Last Edit: May 14, 2012, 02:00:42 AM by BobSanderson »

canon rumors FORUM


Tracy Pinto

  • Guest
Sadly, one of Adobe's great drives is find ways to force you to upgrade. They do it in many ways but not allowing the latest raw engines for the latest cameras to be used by existing products is one of the many ways they employ. Of course, it was unconscionable to use a security flaw in this instance to further force an upgrade to a safe product and so they reversed themselves.

AnselA

  • Rebel T5i
  • ****
  • Posts: 112
    • View Profile
It was appropriate that Adobe was forced to do the right thing.

BobSanderson

  • Rebel T5i
  • ****
  • Posts: 127
    • View Profile
Please read the Computerworld link that discuses the number of vulnerabilities.

AnselA

  • Rebel T5i
  • ****
  • Posts: 112
    • View Profile
Thanks for the heads up. I just got my PS6 upgrade but I feel Adobe is heading downward with their business practices. Most of its customers are creative types that don't have the Benjamins to be constantly squeezed at every opportunity. They should realize that and honor it.
« Last Edit: May 14, 2012, 01:19:18 PM by AnselA »


canon rumors FORUM