IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Adobe patches 'critical' Photoshop CS4 vulnerability

Installing third-party Photoshop swatches, brushes and gradients from unknown sources could leave an open door for hackers.

patch

Adobe has issued a security update for Photoshop CS4 to fix "critical" vulnerabilities in the image-editing software.

According to the company's latest security bulletin, users attempting to open some brushes, gradients and colour swatches in Photoshop CS4 could be leaving themselves vulnerable for attackers to take control of their systems. The latest CS5 generation of Photoshop isn't affected.

"Critical vulnerabilities have been identified in Photoshop CS4 11.01 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system," the bulletin reads.

Adobe says users are only at risk if they open a malicious ASL, ABR or GRD file in other words, swatches, brushes and gradients. A wide range of third-party add-ons are available to download for Photoshop, allowing users to expand the software's abilities and add extra features.

Users of all versions of the software up to CS4 11.01 are advised to install the update, and Adobe also advises Photoshop users to be cautious when downloading or opening files from unknown sources.

To check which version of Photoshop is currently installed, select About Adobe Photoshop CS4 in the Help menu. The update is available in Windows and Mac OS X variants, and can be downloaded from the Adobe Support site.

Adobe credits Zero Science Lab's Gjoko Krstic for discovering and reporting the issue.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Adobe forced to patch its own failed security update
bugs

Adobe forced to patch its own failed security update

18 Feb 2022
Adobe rolls out new PayPal payment options through Adobe Commerce
e commerce

Adobe rolls out new PayPal payment options through Adobe Commerce

16 Sep 2021
Signs it’s time to upgrade your CMS
Whitepaper

Signs it’s time to upgrade your CMS

23 Aug 2021
Engaging the new digital workforce blueprint
Whitepaper

Engaging the new digital workforce blueprint

23 Aug 2021

Most Popular

The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022