"Exploit code that could take advantage of a "highly critical" security flaw in the most recent versions of Adobe Photoshop has been published, a security researcher reported."

Full article here: http://news.zdnet.com/2100-1009_22-6179485.html

Doesn't seem too serious, since most of us work with JPGs and RAWs. But worthy of a mention.

"There are no active exploits out there yet, but any attacks will be limited," Kristensen said. "Photoshop is primarily used by advertising agencies and image editors and not a lot of private individuals."


:scratch

:thumb

Thanks for posting that!

What's ironic about the "photoshop not used by many individuals" comment is that we have a group of graphic designers at my day job and of course there's nothing in the budget to buy them upgrades to CS3 (they're all using CS2).

They're all doin' better than me though-- best I could squeeze out of my employer was a copy of Elements.

Meanwhile, back at my home office, I was literally counting down the days to April 16th-- the day CS3 was released! As we all know, getting a big business to buy you all the latest software upgrades can like banging your head against a brick wall. It's usually the individuals who jump on the bandwagon first-- no purchase requests or "wait until fiscal year 2008" or IT permission required when it's your own box!

:scratch
Ha, I completely missed that... guess I stopped reading that paragraph at "no active exploits...yet".

The actual exploit code released at milworm is windows binary, so the script kiddies can't attack macs yet. The underlying issue however is likley to impact both mac and windows, just needs someone with a clue (not a script kiddie) to do the deeper analysis of what's happening on the mac version of the code, and write the appropriate assembly into the mallicious bitmap generation code.

(perhaps this should be moved to digital darkroom?)

(perhaps this should be moved to digital darkroom?)

No, since this thread is not computer hardware related. The issue is more about software, and of interest to potentially everyone.

No, since this thread is not computer hardware related. The issue is more about software, and of interest to potentially everyone.

Huh, guess I never realized digital darkroom had that limited focus... I'd always thought of it as 'all things in the intersection of computers and photography'.

With Adobe passing up CS2 users with their last ACR update, I wonder if CS2 might be forgotten about when they patch this exploit. I sure hope not.

With Adobe passing up CS2 users with their last ACR update, I wonder if CS2 might be forgotten about when they patch this exploit. I sure hope not.
Hah. They ignored CS with previous ACR updates. Ticked me off. My sense is that they do everything they can to push you to upgrade.

Hah. They ignored CS with previous ACR updates. Ticked me off. My sense is that they do everything they can to push you to upgrade.

Oopsie...pushed me to look elsewhere. :wink Now have a better converter & CS still works fine for me. I'll see if CS3 has enough to warrant the cost (unlikely).

"Security researchers have found a "highly critical" flaw in the portable-network graphics plug-in for the latest version of Adobe Systems' Photoshop Creative Suite, as well as for other versions of the software that run on Windows."

Full article here: http://news.zdnet.com/2100-1009_22-6180180.html

Not sure it rated a whole new thread...