Thursday, December 3, 2009

Hacker Hits Adobe Illustrator With New Attack

Adobe Systems' security response team is scrambling to fix a newly disclosed bug in its Illustrator software, even as it readies another security patch for next week.

On Tuesday, an unidentified hacker posted a proof of concept attack, showing how the Illustrator vulnerability could be leveraged to run unauthorized software on a victim's computer. Adobe said Tuesday that it was investigating the attack, but it's not clear when the software company will fix the issue.

For this attack to work, the users must open a maliciously crafted Encapsulated PostScript (.eps) file in Illustrator, Adobe said in a blog post.

Because this attack code is now public and available to cyber-criminals, this flaw could become a serious issue. pcworld

No comments:

Post a Comment