Security Watch

Keeping Track of patches and hacks in the IT security world.

Critical Photoshop Bug Out

A highly critical vulnerability that can allow attackers to hijack a user's system has been reported in Adobe Photoshop.

A Secunia advisory said the vulnerability is caused by an error in the handling of bit map files, such as .BMP, .DIB and .RLE. The handling error can be used to cause a stack-based overflow via a specially crafted bit map file.

No attacks have been detected in the wild that exploit this flaw.

The vulnerability is showing up in Adobe Photoshop CS2 and CS3. Other versions might also turn out to be affected.

Secunia is advising Photoshop users to avoid opening untrusted bit map files to avoid exploitation.