Page 5 of 11 FirstFirst 123456789 ... LastLast
Results 41 to 50 of 107

Thread: Old Adobe updates/advisories

  1. #41
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Targeted (PDF) attacks...

    FYI...

    Targeted (PDF) attacks...
    - http://www.f-secure.com/weblog/archives/00001859.html
    January 18, 2010 - "F-Secure Labs has learned of another interesting targeted attack. In this case, malicious PDF files were emailed to US defense contractors. While the "Aurora" attacks against Google and others happened in December 2009, this happened just last week. The PDF file was quite convincing and it looked like it came from the Department of Defense... The document talks about a real conference to be held in Las Vegas in March. When opened to Adobe Reader, the file exploited the CVE-2009-4324* vulnerability. This is the doc.media.newPlayer vulnerability that Adobe patched last Tuesday. The exploit dropped a file called Updater.exe (md5: 3677fc94bc0dd89138b04a5a7a0cf2e0). This is a backdoor that connects to IP address 140.136.148.42. In order to avoid detection, it bypasses the local web proxy when doing this connection. Anybody who controls that IP will gain access to the infected computer and the company network. This particular IP is located in Taiwan."
    * http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4324
    "... Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X..."

    (Screenshots available at the F-secure URL above.)

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #42
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Shockwave v11.5.6.606 released

    FYI...

    Shockwave v11.5.6.606 released
    - http://www.adobe.com/support/securit...apsb10-03.html
    Release date: January 19, 2010
    CVE number: CVE-2009-4002, CVE-2009-4003
    Platform: Windows and Macintosh
    "... Adobe recommends Shockwave Player users uninstall Shockwave version 11.5.2.602 and earlier on their systems, restart their systems, and install Shockwave version 11.5.6.606, available here: http://get.adobe.com/shockwave/ ... Adobe categorizes this as a critical update and recommends that users apply the update for their product installations..."

    - http://news.techworld.com/security/3...e-player-bugs/
    "... installed on some 450 million PCs..."

    - http://secunia.com/advisories/37888/2/
    Release Date: 2010-01-20
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Adobe Director 11.x, Adobe Shockwave Player 11.x
    Solution: Update to Shockwave version 11.5.6.606.

    Last edited by AplusWebMaster; 2010-01-20 at 12:29.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #43
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe multiple vulns - Flash/Reader/Acrobat/ColdFusion - more

    FYI...

    Adobe Flash Player Domain Sandbox Bypass Vuln
    - http://secunia.com/advisories/38547/
    Release Date: 2010-02-12
    Criticality level: Moderately critical
    Impact: Security Bypass
    Where: From remote
    Solution Status: Vendor Patch
    Software: Adobe AIR 1.x, Adobe Flash CS3, Adobe Flash CS4, Adobe Flash Player 10.x, Adobe Flex 3.x
    Original Advisory: http://www.adobe.com/support/securit...apsb10-06.html
    "...Details:
    A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).
    Adobe recommends users of Adobe Flash Player 10.0.42.34 and earlier versions update to Adobe Flash Player 10.0.45.2.
    - http://get.adobe.com/flashplayer/
    *Adobe recommends all users of Adobe AIR version 1.5.3.9120 and earlier update to the newest version 1.5.3.9130..."

    - http://get.adobe.com/air/
    Revisions: February 12, 2010 - Bulletin updated with corrected version numbers for AIR.*
    - http://atlas.arbor.net/briefs/index#1106299496
    February 15, 2010 - "High Severity... Analysis: This is a serious issue that we encourage all sites to schedule an update..."

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0186
    Last revised: 02/26/2010
    Flash Player before 10.0.45.2, AIR before 1.5.3.9130...
    CVSS v2 Base Score: 6.8 (MEDIUM)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0187
    Last revised: 02/26/2010
    Flash Player before 10.0.45.2, AIR before 1.5.3.9130...
    CVSS v2 Base Score: 4.3 (MEDIUM)

    Adobe Products XML Processing Information Disclosure
    - http://secunia.com/advisories/38543/
    Release Date: 2010-02-12
    Criticality level: Moderately critical
    Impact: Exposure of system information, Exposure of sensitive information
    Where: From remote
    Solution Status: Vendor Patch
    Software: Adobe BlazeDS 3.x, Adobe ColdFusion 8.x, Adobe ColdFusion 9.x, Adobe ColdFusion MX 7.x, Adobe Flex Data Services 2.x, Adobe LiveCycle 8.x, Adobe LiveCycle 9.x, Adobe LiveCycle Data Services 2.x, Adobe LiveCycle Data Services 3.x
    Solution: Apply patches. Please see the vendor's advisory for required installation steps.
    Original Advisory: http://www.adobe.com/support/securit...apsb10-05.html
    "... Summary:
    An important vulnerability (CVE-2009-3960) has been identified in BlazeDS 3.2 and earlier versions. When processing incoming requests, XML external entity references and injected tags can result in disclosure of information. This issue affects LiveCycle 9.0, 8.2.1 and 8.0.1, and ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2, which are installed with different versions of Data Services products. Adobe has provided a solution for the reported vulnerability for each affected Adobe product. It is recommended that users update their installations of each affected Adobe product to the latest version using the instructions provided..."

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3960
    Last revised: 02/26/2010
    BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0...
    CVSS v2 Base Score: 4.3 (MEDIUM)

    Last edited by AplusWebMaster; 2010-03-03 at 00:39.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #44
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe Reader/Acrobat critical update released

    FYI...

    Adobe Reader/Acrobat critical update released
    - http://www.adobe.com/support/securit...apsb10-07.html
    February 16, 2010 - "... this vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. In addition, a critical vulnerability (CVE-2010-0188) has been identified that could cause the application to crash and could potentially allow an attacker to take control of the affected system.
    Adobe recommends users of Adobe Reader 9.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.1. (For Adobe Reader users on Windows and Macintosh who cannot update to Adobe Reader 9.3.1, Adobe has provided the Adobe Reader 8.2.1 update.)
    Adobe recommends users of Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.1. Adobe recommends users of Acrobat 8.2 and earlier versions for Windows and Macintosh update to Acrobat 8.2.1.
    Affected software versions:
    Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
    Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh

    Solution: Adobe Reader:
    Users can utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now.
    Adobe Reader users on Windows can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp .
    Adobe Reader users on Macintosh can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp .
    Adobe Reader users on UNIX can find the appropriate update here:
    http://www.adobe.com/products/reader/unix9/ (download latest update from 9.3.1 folder)...
    Adobe Acrobat:
    Users can utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now.
    Acrobat Standard and Pro users on Windows can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp .
    Acrobat Pro Extended users on Windows can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp .
    Acrobat 3D users on Windows can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp.
    Acrobat Pro users on Macintosh can find the appropriate update here:
    http://www.adobe.com/support/downloads/new.jsp .
    Severity rating:
    Adobe categorizes this as a critical update and recommends that users apply the update for their product installations..."

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0188
    Last revised: 02/26/2010
    Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1...
    CVSS v2 Base Score: 10.0 (HIGH)

    - http://secunia.com/advisories/38551/
    Last Update: 2010-02-17
    Criticality level: Highly critical
    Impact: Security Bypass, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Adobe Acrobat 3D 8.x, Adobe Acrobat 8 Professional, Adobe Acrobat 8.x, Adobe Acrobat 9.x, Adobe Reader 8.x, Adobe Reader 9.x
    Solution: Update to version 8.2.1 or 9.3.1.

    - http://blog.trendmicro.com/adobe-rel...r-and-acrobat/
    Feb. 21, 2010

    Last edited by AplusWebMaster; 2010-03-03 at 00:23.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #45
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    Adobe Download Manager - critical update
    - http://www.adobe.com/support/securit...apsb10-08.html
    February 23, 2010 - "Summary:
    A critical vulnerability has been identified in the Adobe Download Manager. This vulnerability (CVE-2010-0189) could potentially allow an attacker to download and install unauthorized software onto a user's system. Users, who have downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ or Adobe Flash Player for Windows from http://get.adobe.com/flashplayer/ prior to the release of this Security Bulletin on February 23, 2010, can verify they are not vulnerable to this Adobe Download Manager issue by following the instructions in the Solution section below.
    Affected software versions:
    Adobe Download Manager on Windows (prior to February 23, 2010)
    > Solution:
    Users, who have downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ or Adobe Flash Player for Windows from http://get.adobe.com/flashplayer/ prior to the release of this Security Bulletin on February 23, 2010, can verify they are not vulnerable to this Adobe Download Manager issue by following the instructions below:
    • Ensure that the C:\Program Files\NOS\ folder and its contents ("NOS files") are not present on your system. (If the folder is present, follow the steps below to remove).
    • Click "Start" > "Run" and type "services.msc". Ensure that "getPlus(R) Helper" is not present in the list of services.
    If the NOS files are found, the Adobe Download Manager issue can be mitigated by:
    • Navigating to Start > Control Panel > Add or Remove Programs > Adobe Download Manager, and selecting Remove to remove the Adobe Download Manager from your system.
    -OR-
    • Clicking "Start" > "Run" and typing "services.msc". Then deleting "getPlus(R) Helper" from the list of services.
    • Then delete the C:\Program Files\NOS\ folder and its contents.
    This issue is resolved as of February 23, 2010, and no action is required for future downloads of Adobe Reader from http://get.adobe.com/reader/ or Adobe Flash Player from http://get.adobe.com/flashplayer/.
    > Severity rating:
    Adobe categorizes this as a critical update. Users can remove potentially vulnerable installations of the Adobe Download Manager using the instructions in the Solution section above.
    Details:
    A critical vulnerability has been identified in the Adobe Download Manager. This vulnerability (CVE-2010-0189) could potentially allow an attacker to download and install unauthorized software onto a user's system.
    The Adobe Download Manager is intended for one-time use. The Adobe Download Manager is designed to remove itself from the computer after use at the next computer restart. However, Adobe recommends users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine using the instructions in the Solution section above."

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0189
    Last revised: 03/02/2010
    getPlus Download Manager (aka DLM or Downloader) 1.5.2.35...
    CVSS v2 Base Score: 10.0 (HIGH)

    - http://secunia.com/advisories/38729/
    Release Date: 2010-02-24
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Software: Adobe GetPlus DLM 1.x
    Original Advisory: Adobe:
    http://www.adobe.com/support/securit...apsb10-08.html

    - http://blog.trendmicro.com/new-adobe...d-manager-bug/
    Feb. 24, 2010

    - http://labs.idefense.com/intelligenc...lay.php?id=856
    02.23.10
    ... DISCLOSURE TIMELINE
    06/09/2009 Initial Vendor Notification
    06/09/2009 Initial Vendor Reply
    02/23/2010 Coordinated Public Disclosure

    Last edited by AplusWebMaster; 2010-03-03 at 00:22.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #46
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe Reader and Acrobat updates - 04.13.2010

    FYI...

    Security Advisory for Adobe Reader and Acrobat
    - http://www.adobe.com/support/securit...apsb10-09.html
    April 8, 2010 - "Adobe is planning to release updates for Adobe Reader 9.3.1 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.1 for Windows and Macintosh, and Adobe Reader 8.2.1 and Acrobat 8.2.1 for Windows and Macintosh to resolve critical security issues. Adobe expects to make these quarterly updates available on April 13, 2010. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt * ..."

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4764
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1240
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1241

    * http://blogs.adobe.com/psirt/2010/04...terly_s_2.html
    April 8, 2010 - "A Security Advisory has been posted in regards to the upcoming Adobe Reader and Acrobat updates scheduled for April 13, 2010. The updates will address critical security issues in the products. This quarterly security update will be made available for Windows, Macintosh and UNIX. With this quarterly update, we are enabling the new updater first shipped in a passive state with the October quarterly security update. For more information, please refer to the Adobe Reader blog**...."

    ** http://blogs.adobe.com/adobereader/2..._and_acro.html
    April 8, 2010

    Last edited by AplusWebMaster; 2010-04-13 at 16:33.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #47
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe v9.3.2 Reader/Acrobat released

    FYI...

    Security update available for Adobe Reader and Acrobat
    - http://www.adobe.com/support/securit...apsb10-09.html
    April 13, 2010 - "... Adobe recommends users of Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.2. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.2, Adobe has provided the Adobe Reader 8.2.2 update.) Adobe recommends users of Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.2. Adobe recommends users of Acrobat 8.2.1 and earlier versions for Windows and Macintosh update to Acrobat 8.2.2...
    ... Users can utilize the product's automatic update feature...
    ... users on Windows/Macintosh can also find the appropriate update here:
    - http://www.adobe.com/support/downloads/new.jsp
    ... Unix users here:
    - http://www.adobe.com/products/reader/unix9/
    (download latest update from 9.3.2 folder)

    CVE numbers: CVE-2010-0190, CVE-2010-0191, CVE-2010-0192, CVE-2010-0193, CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197, CVE-2010-0198, CVE-2010-0199, CVE-2010-0201, CVE-2010-0202, CVE-2010-0203, CVE-2010-0204, CVE-2010-1241
    Platform: All Platforms

    - http://secunia.com/advisories/39272/
    Release Date: 2010-04-14
    Criticality level: Highly critical
    Impact: Cross Site Scripting, System access
    Where: From remote
    Software: Adobe Acrobat 3D 8.x, Adobe Acrobat 8 Professional, Adobe Acrobat 8.x, Adobe Acrobat 9.x, Adobe Reader 8.x, Adobe Reader 9.x
    Solution: Update to version 9.3.2 or 8.2.2.

    - http://atlas.arbor.net/briefs/index#-69029221
    April 20, 2010 - "Analysis: We have seen exploit code used for some of these bugs, most notably with the Zeus botnet. We encourage all sites to update their Adobe PDF viewers immediately to address these issues."

    Last edited by AplusWebMaster; 2010-04-21 at 14:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #48
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe Photoshop security update CS4 11.0.1

    FYI...

    Security issues in Adobe Photoshop CS4 11.0.0
    - http://www.adobe.com/support/securit...apsb10-10.html
    April 30, 2010 - "Critical vulnerabilities have been identified in Photoshop CS4 that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system... Adobe recommends Photoshop CS4 customers update to Photoshop CS4 11.0.1 using the instructions below.
    To verify the version of Adobe Photoshop CS4 currently installed, choose Help > About Adobe Photoshop CS4 from the Adobe Photoshop menu bar. To check for updates, choose Help > Updates from the Adobe Photoshop menu bar.
    Photoshop CS4 customers can also find the Photoshop CS4 11.0.1 update for Windows or Macintosh here:
    Adobe Photoshop CS4 11.0.1 update for Windows
    - http://www.adobe.com/support/downloa...jsp?ftpID=4292
    Adobe Photoshop CS4 11.0.1 update for Macintosh
    - http://www.adobe.com/support/downloa...jsp?ftpID=4291
    Note: These issues do not affect Photoshop CS5..."

    - http://www.adobe.com/support/downloads/new.jsp

    Adobe Photoshop CS4 TIFF File Processing vuln - update available
    - http://secunia.com/advisories/39711/
    Release Date: 2010-05-03
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution: Update to Photoshop CS4 11.0.1.

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1279

    Adobe Photoshop -CS3- TIFF File Processing Vuln
    - http://secunia.com/advisories/39709/
    Release Date: 2010-05-05
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: -Unpatched-
    Solution: Upgrade to a higher version.

    Last edited by AplusWebMaster; 2010-05-11 at 05:21.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #49
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe Shockwave/ColdFusion advisories...

    FYI...

    Shockwave Player v11.5.7.609 released
    - http://www.adobe.com/support/securit...apsb10-12.html
    May 11, 2010 - "... Summary:
    Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.6.606 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609, using the instructions provided below.
    Affected software versions: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh
    Solution: Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions upgrade to the newest version 11.5.7.609, available here:
    - http://get.adobe.com/shockwave/
    CVE number: CVE-2010-0127, CVE-2010-0128, CVE-2010-0129, CVE-2010-0130, CVE-2010-0986, CVE-2010-0987, CVE-2010-1280, CVE-2010-1281, CVE-2010-1282, CVE-2010-1283, CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1288, CVE-2010-1289, CVE-2010-1290, CVE-2010-1291, CVE-2010-1292
    Platform: Windows and Macintosh

    Adobe Shockwave Player Multiple Vulnerabilities
    - http://secunia.com/advisories/38751/

    Hotfixes available for ColdFusion
    - http://www.adobe.com/support/securit...apsb10-11.html
    May 11, 2010 - "... Summary:
    Important vulnerabilities have been identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. The vulnerabilities could lead to cross-site scripting and information disclosure.
    Affected software versions: ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX
    Solution: Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the following link:
    - http://kb2.adobe.com/cps/841/cpsid_84102.html
    CVE number: CVE-2009-3467, CVE-2010-1293, CVE-2010-1294
    Platform: All Platforms ..."

    Adobe ColdFusion Cross-Site Scripting and Information Disclosure
    - http://secunia.com/advisories/39790/

    Last edited by AplusWebMaster; 2010-05-12 at 14:41.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #50
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Photoshop CS4 v11.0.2 - security update

    FYI...

    Photoshop CS4 v11.0.2 - security update
    - http://www.adobe.com/support/securit...apsb10-13.html
    May 26, 2010 - "Critical vulnerabilities have been identified in Photoshop CS4 11.0.1 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system... Adobe recommends Photoshop CS4 customers update to Photoshop CS4 11.0.2, which resolves these issues.
    Note: None of these issues affect Photoshop CS5.
    To verify the version of Adobe Photoshop CS4 currently installed, choose Help > About Adobe Photoshop CS4 from the Adobe Photoshop menu bar. To check for updates,
    choose Help > Updates from the Adobe Photoshop menu bar.
    Photoshop CS4 customers can also find the Photoshop CS4 11.0.2 update for Windows or Macintosh here:
    * Adobe Photoshop CS4 11.0.2 update for Windows
    - http://www.adobe.com/support/downloa...jsp?ftpID=4713
    * Adobe Photoshop CS4 11.0.2 update for Macintosh
    - http://www.adobe.com/support/downloa...jsp?ftpID=4712 ..."

    - http://secunia.com/advisories/39934/
    Release Date: 2010-05-27
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution: Update to version 11.0.2...

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1296
    Last revised: 05/27/2010

    Last edited by AplusWebMaster; 2010-05-28 at 13:02.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •