Adobe working on a patch for 'critical' TIFF vulnerability in CS5 software
Contrary to reports that Adobe had suggested users should pay for an upgrade to CS6 to patch a serious security hole, the company has now announced that it is "in the process of resolving these vulnerabilities" in versions CS5 and CS5.5 of its applications. The bug allows a maliciously designed TIFF file to cause a buffer overflow and act as a backdoor for malware, and it affects older versions of Photoshop, Illustrator, and Flash on both Windows and Mac.
The confusion seemingly came from the original wording of the Adobe product security bulletin, which stated that "Adobe Photoshop CS6 addresses these vulnerabilities" without mentioning that a security patch for older versions was being worked on. Users of CS5 and below were understandably outraged, claiming that that for Adobe to expect them to pay for updates to patch a security flaw dubbed as "critical" was unacceptable. This move should placate users of CS5, though earlier versions seem to have been left out for now. We'll let you know when the updated software hits, but in the meantime think twice before you open a TIFF.
There are 14 Comments. Load 'Em Up. Show speed reading tips and settings
Shortcuts to mastering the comment thread. Use wisely.
C - Next Comment
X - Mark as Read
R - Reply
Z - Mark Read & Next
Shift + C - Previous
Shift + A - Mark All Read
Comment Settings
Live comment alert: Hide it!
Comments for this post are closed.