Adobe: Vulnerability having to pay for “Critical Update” in CS5
Adobe Photoshop CS5.5 has Critical Security Vulnerability
Opposing to reports that Adobe had suggested, users should pay for an upgrade to CS6 to patch a serious security hole of adobe cs5. The maliciously designed TIFF file cause a buffer overflow and act as a back door in search of malware , and this affects earlier versions of Photoshop CS5 , Illustrator and Flash in Windows and Mac machines. Adobe now announces that he is “in the process of resolution of these vulnerabilities ”in the versions CS5 and CS5.5 of their applications.
Adobe released a security upgrade for Adobe Photoshop CS5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. – Adobe Bulletin
“Adobe Photoshop CS5.5 has critical security vulnerability, but the remedy is forced PAID upgrade to CS6? Genius,” said “Kontra” on Twitter .
Security experts were astounded that Adobe would stoop to such tactics. Adobe has advised users of its Creative Suite, which includes the main company products as Photoshop and Illustrator that would have to pay $ 375 if you want patches for eight critical vulnerabilities . (Computerworld.com)
Apparently, the confusion came from the original wording of the Adobe product security bulletin from Adobe products, which stated that “Adobe Photoshop CS6 was trying these vulnerabilities, “without mentioning that, for older versions, is working on a patch. The CS5 users and above , understandably were outraged, saying: that what we paid for Adobe wait a few updates to patch a security hole known as “critical” was unacceptable. This should calm the CS5 users, but for now, earlier versions seem to have been left out.
Via : COMPUTERWORLD