Thursday, December 3, 2009
Hacker Hits Adobe Illustrator With New Attack
On Tuesday, an unidentified hacker posted a proof of concept attack, showing how the Illustrator vulnerability could be leveraged to run unauthorized software on a victim's computer. Adobe said Tuesday that it was investigating the attack, but it's not clear when the software company will fix the issue.
For this attack to work, the users must open a maliciously crafted Encapsulated PostScript (.eps) file in Illustrator, Adobe said in a blog post.
Because this attack code is now public and available to cyber-criminals, this flaw could become a serious issue. pcworld