Adobe posts Flash, Photoshop security patches
updated 09:45 am EDT, Thu July 12, 2007
Flash/Photoshop security
Adobe has posted updates for two of its most used applications, addressing recently revealed security vulnerabilities. The most significant may be in Adobe's ubiquitous Flash Player, which could allow a remote user to hijack a computer by exploiting an input validation error. To expose themselves to this risk, users must run a malicious SWF file, which can be delivered via e-mail, the Web, and other means, according to the company's security bulletin. Mac OS vulnerabilities should be fixed in the 9.0.47.0 patch, which can downloaded manually or through the auto-updater.
The second set of vulnerabilities is in the company's professional graphics applications--Photoshop CS2 and CS3--and involves specific image types. The problems are less serious, however: while they still involve input validation exploits, they cannot be executed remotely. A user is affected by downloading contaminated BMP, DIB, PNG or RLE files, which must then be opened specifically through Photoshop. The issue is resolved in automatic updates for CS3, or manual patches for both CS2 and CS3.
Fresh-Faced Recruit
Joined: Nov 1999
Installing Flash Player
Adobe Flash Installer keeps sending me back to close all browsers when they are in fact all closed. Any thoughts?
Jeremy