Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Adobe Changes Tune on Forcing Paid Upgrade to Fix Security Flaws (securityweek.com)

wiredmikey writes: On Thursday, news of Adobe deciding to forgo developing a software patch to address code execution vulnerabilities in three applications under its popular CS5 creative suite. The problem exists within the parsing of TIFF files. If a malicious TIFF is opened, an attacker could execute code on the system with the privileges of the active user.

Instead of developing a patch for the software, Adobe originally said that in order to fix the issue, users would have to upgrade their software to the newer CS6 version—something users would have to pay for.

But since then, and after complaints, bad press, and user backlash, Adobe has changed its tune. The company now says that it is in the process of developing a patch that won’t essentially force users to upgrade in order to fix the security vulnerability.

For a popular product that was just over two years old, providing a fix to address a serious security flaw its what customers deserve. And while Adobe may have originally tried to sneak by without addressing the issue and pushing users to upgrade to its new product, the company made the right move in the end.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Adobe Changes Tune on Forcing Paid Upgrade to Fix Security Flaws

Comments Filter:

This login session: $13.76, but for you $11.88.