Adobe to Fix Zero-Day Security Vulnerability

By Brian Prince  |  Posted 2009-12-08 Print this article Print

Adobe Systems is planning to patch a zero-day security vulnerability affecting its Adobe Illustrator software by January.

The announcement comes a week after proof-of-concept exploit code began circulating the Web. According to Adobe, the buffer overflow vulnerability in Adobe Illustrator CS4 and CS3 can be exploited via a malicious Encapsulated PostScript (.eps) file in Illustrator to execute code.

"Adobe recommends customers avoid opening .eps files from unknown or untrusted sources in Illustrator until a patch is available," the company stated in an advisory.

The company plans to resolve the issue with an update by Jan. 8, 2010. |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel