CS 5 Security flaw - You have to PAY for the fix!
First they change their upgrade rules now they want to force you to upgrade to fix a security flaw in version that was current not that long ago? Nice, Adobe, just nice...
"You can't fix stupid."
- Ron White
0 .· ` ' / ·. 100
I have a high sarcasm rate. Deal with it.
Post a Thank You. - 1 Thanks
Adobe s getting a little greedy.
Yeah, the upgrade cost $100 more than the recent total cost of CS5 (on sale)!! Oh and you better get CS6 or you will be hack attacked!!
Originally Posted by Chris Poole
Could someone explain what exactly happens if the security of our system is compromised and how this occurs. It seems as if you must place something into CS5 for it to execute?
Not that I would ever wish to be seen as supportive too Adobe, but it appears that patches will be issued for free.
Good news. It seems you have to open an external TIFF or at leasta TIFF that is sent to you for your system to be infected.
Some web searching showed a similar flaw in CS4 in 2010 and Adobe recommended upgrading to CS5. The current flaw is a buffer overrun were a tiff that causes the overrun can write over program code so that new (malicious) code could be executed. Very sloppy programming if you ask me, especially for this day and age. It appears (from web searches) that the latest problem was reported by Protek Research Lab in September 2011, so over 6-months ago. Pretty bad for Adobe to wait so long. Wow.
Hold on, just announced ;
Adobe has apparently changed its mind about requiring customers to pay to get recent security patches for its Photoshop, Illustrator, and Flash Professional products. http://news.cnet.com/8301-1009_3-57433231-83/adobe-will-issue-security-fixes-for-cs5-apps-after-all/
Last edited by Chris Poole; 05-13-2012 at 09:08 AM.