Security Watch

Keeping Track of patches and hacks in the IT security world.

Adobe to Fix Zero-Day Security Vulnerability

Adobe Systems is planning to patch a zero-day security vulnerability affecting its Adobe Illustrator software by January. The announcement comes a week after proof-of-concept exploit code began circulating the Web. According to Adobe, the buffer overflow vulnerability in Adobe Illustrator CS4 and CS3 can be exploited via a malicious Encapsulated PostScript

Adobe Systems is planning to patch a zero-day security vulnerability affecting its Adobe Illustrator software by January.

The announcement comes a week after proof-of-concept exploit code began circulating the Web. According to Adobe, the buffer overflow vulnerability in Adobe Illustrator CS4 and CS3 can be exploited via a malicious Encapsulated PostScript (.eps) file in Illustrator to execute code.

"Adobe recommends customers avoid opening .eps files from unknown or untrusted sources in Illustrator until a patch is available," the company stated in an advisory.

The company plans to resolve the issue with an update by Jan. 8, 2010.