We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

Adobe leaves zero-day attack unpatched for a month

Adobe to fix Illustrator flaw... by January 8 2010

Adobe says it is fixing a flaw exploited by a recent zero-day attack, but that the fix won't be published this year.

Nearly a week after an unidentified hacker posted attack code that exploits a flaw in Adobe's Illustrator software, the company says it will fix the issue by January 8. (See: Hacker hits Adobe Illustrator with new attack.)

In a security advisory released yesterday, Adobe confirmed that the attack affects versions 3 and 4 of its Illustrator Creative Suite software and said the flaw could give hackers a way to run unauthorised software on a victim's computer.

See also: PC security advice

The attack code, posted last Tuesday, works when a victim opens a specially crafted Encapsulated PostScript (.eps) file in Illustrator. "Adobe categorizes this as a critical issue and recommends that users avoid opening .eps files from unknown or untrusted sources in Illustrator until a patch is available," the company said.

"Adobe plans to make available an update to Adobe Illustrator to resolve the issue by January 8, 2010," the company added in a note on its website.

See also: Adobe Illustrator CS4 review

Meanwhile, both Adobe and Microsoft are scheduled to issue critical security patches on Tuesday. Adobe will fix critical flaws in Flash Player. Microsoft is set to fix 12 bugs in a variety of its products, including a critical flaw in Internet Explorer that was publicly disclosed a few weeks ago.


IDG UK Sites

Amazon 3D smartphone release date, price and spec: The hologram phone?

IDG UK Sites

iPhone 5s review: why the iPhone 5s is still the best phone you can buy in 2014

IDG UK Sites

Passwords don't work: here's four ways to fix them

IDG UK Sites

The art of rebranding: Creative agency The Neighbourhood explains how & why it rebranded