Adobe patches 'critical' holes in Photoshop CS4

The ability to add brushes, color swatches, and other customizations left an older version of Adobe's image-editing software vulnerable to attack.

by Stephen Shankland May 27, 2010 6:05 AM PDT Follow @stshank

Photoshop users like to expand what the software can do by downloading new brushes, gradients, and color swatches, but the ability to make those additions also turns out to have been a potential avenue for attack.

Adobe Systems on Wednesday released a Photoshop 11.0.2 security update to its earlier CS4 version of Photoshop for both Windows and Mac OS X versions to close off that avenue.

"Critical vulnerabilities have been identified in Photoshop CS4 11.0.1 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious .ASL, .ABR, or .GRD file must be opened in Photoshop CS4 by the user for an attacker to be able to exploit these vulnerabilities," Adobe said in an advisory. ASL, ABR, and GRD files refer to swatches, brushes, and gradients, respectively.

The newly released Photoshop CS5 is not vulnerable, Adobe added.

Don't Miss

How Facebook's Zucked-up IPO just killed the tech bubble
Internet & Media
Is NFC killing Google Wallet?
Mobile
75 years of the Golden Gate Bridge (pictures)
Slideshow
Cutting-edge all-in-one Asus
Review

CNET Conversations

Driving into the future at VW's Electronics Research Lab

CNET editor at large Brian Cooley goes behind the scenes with Peter Oel, director of Volkswagen Electronics Research Lab, to show you how Silicon Valley is changing the way we drive, from the latest in infotainment systems to new 3D technologies being used for design.

Play Video

Adobe patches 'critical' holes in Photoshop CS4

Don't Miss

Featured Posts

Most Popular

About Deep Tech

RSS

my Yahoo

Google

MSN

CNET Mobile Apps