Adobe patches 'critical' Photoshop CS4 vulnerability
Installing third-party Photoshop swatches, brushes and gradients from unknown sources could leave an open door for hackers.
Adobe has issued a security update for Photoshop CS4 to fix "critical" vulnerabilities in the image-editing software.
According to the company's latest security bulletin, users attempting to open some brushes, gradients and colour swatches in Photoshop CS4 could be leaving themselves vulnerable for attackers to take control of their systems. The latest CS5 generation of Photoshop isn't affected.
"Critical vulnerabilities have been identified in Photoshop CS4 11.01 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system," the bulletin reads.
Adobe says users are only at risk if they open a malicious ASL, ABR or GRD file in other words, swatches, brushes and gradients. A wide range of third-party add-ons are available to download for Photoshop, allowing users to expand the software's abilities and add extra features.
Users of all versions of the software up to CS4 11.01 are advised to install the update, and Adobe also advises Photoshop users to be cautious when downloading or opening files from unknown sources.
To check which version of Photoshop is currently installed, select About Adobe Photoshop CS4 in the Help menu. The update is available in Windows and Mac OS X variants, and can be downloaded from the Adobe Support site.
Adobe credits Zero Science Lab's Gjoko Krstic for discovering and reporting the issue.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now