Adobe pulls pay-for-patch, issues fix

Powered by SC Magazine
 

Gaffe was a 'PR disaster'.

Adobe has backpedelled and patched a critical buffer overflow vulnerability affecting Photoshop, Flash Professional and Illustrator.

The software giant initially refused to issue emergency patches and instead demanded users shell out some $200 to upgrade products to its latest Creative Suite line which was unaffected.

The vulnerabilities (CVE-2012-0778, CVE-2012-2028 CVE-2012-2026) affected Windows and Mac platforms and allowed attackers to hijack systems if victims executed a malicious TIF file within the Adobe products.

Adobe reasoned that the likelihood that this would happen was low. Photoshop wasn't on the radar of attackers, it said, so concerned users should exercise due diligence.

“Adobe is not aware of any attacks exploiting this vulnerability,” Adobe said in its security bulletin.

Security experts quickly disagreed. Sophos scribe Graham Cluely hit out at Adobe and labelled the affair a “PR disaster for the company”.

”Maybe Adobe customers who feel nervous opening .TIF files will judge the level of risk for themselves, and prefer to seek alternatives from companies that take better care of their users.”

Copyright © SC Magazine, Australia


Adobe pulls pay-for-patch, issues fix
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 809

Vote