Security issue in CS5 / Adobe rant
Richard
Administrators, Vanilla Admin Posts: 19,962 moderator
Adobe has announced that there is a buffer overflow vulnerability in CS5 which permits a maliciously crafted TIFF file to execute arbitrary code in both Windows and OS-X. In plain English, this means that a TIFF file can infect your machine.
Adobe's solution? Upgrade to CS6. That's right, folks, they are not planning on issuing a fix for CS5. Now it is not uncommon for software vendors to stop patching older software at some point. Apple's Flashback fix does not cover OS-X 10.5 or earlier, for example. Microsoft isn't patching Win2K anymore, though they are still supporting XP, which is now over 10 years old. CS5 became "obsolete" less than a week ago. What is truly galling is that the bug was reported to Adobe in September, 2011. Not only did they fail to address the issue in a timely fashion, they didn't even let us know about it until they could use the issue to pump sales of their latest product.
Really classy, Adobe.
:humungus
Edit: Just a clarification. Don't panic. Your own TIFF files are perfectly safe and there's no reason to stop using CS5. Just beware of opening TIFFs from untrusted sources in Photoshop.
Adobe's solution? Upgrade to CS6. That's right, folks, they are not planning on issuing a fix for CS5. Now it is not uncommon for software vendors to stop patching older software at some point. Apple's Flashback fix does not cover OS-X 10.5 or earlier, for example. Microsoft isn't patching Win2K anymore, though they are still supporting XP, which is now over 10 years old. CS5 became "obsolete" less than a week ago. What is truly galling is that the bug was reported to Adobe in September, 2011. Not only did they fail to address the issue in a timely fashion, they didn't even let us know about it until they could use the issue to pump sales of their latest product.
Really classy, Adobe.
:humungus
Edit: Just a clarification. Don't panic. Your own TIFF files are perfectly safe and there's no reason to stop using CS5. Just beware of opening TIFFs from untrusted sources in Photoshop.
0
Comments
A former sports shooter
Follow me at: https://www.flickr.com/photos/bjurasz/
My Etsy store: https://www.etsy.com/shop/mercphoto?ref=hdr_shop_menu
Adobe has backtracked and now says that it will issue a fix: http://www.securityweek.com/adobe-changes-tune-forcing-paid-upgrade-fix-security-flaw