Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

New Security flaw Discovered in Adobe Illustrator

According to security researchers, the Illustrator application of Adobe is vulnerable to a special kind of exploit, which could be used by an attacker to execute software from a remote location.

Recently, a hacker (unidentified) placed a proof-of-concept exploit online on December 1, 2009, demonstrating the way to exploit the Illustrator loophole to execute illegitimate code on a victim's computer.

Ryan Naraine, Computer Security reporter at ZDNet, states that the flaw in Illustrator is related to a fault while parsing files with the extension .eps or 'encapsulated postscript.' Bearing some specific characteristics, these files can make the Illustrator software cause memory corruption on a computer and allow hackers to issue malicious commands to the vulnerable system, as reported by MXLogic on December 3, 2009.

Adobe too has substantiated the flaw. The company said via an official confirmation that Adobe was already aware about a possible flaw within Adobe Illustrator CS4 (CVE-2009-4195).

The security researchers stated that since the proof-of-concept exploit was currently made public and even malicious attackers could use it, the vulnerability was potentially a severe problem. According to the security provider 'Secunia,' Illustrator Creative Suite version 13 & 14 were affected by the flaw and other versions might be vulnerable.

Nevertheless, Brad Arkin, Director of Product Security at Adobe, stated that his group was yet to substantiate about the attack's ability for planting a virus on an affected system, as reported by PCWorld on December 3, 2009.

The Product Security Incident Response Team of Adobe said that after going through various security reports, the firm was working to develop a patch, which would likely to fix the problem and halt all future exploit attempts.

Meanwhile, Secunia suggests that users of Illustrator should not open files originating from unreliable sources.

The researchers state that hackers regularly aim at Adobe's products, whose some older versions are vulnerable to several delivery attacks of malicious software. But those attacks chiefly aim at Adobe's Flash plug-in with which videos or rich graphics can be displayed online.

Related article: New Zealand Releases Code To Reduce Spam

ยป SPAMfighter News - 10-12-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next