 |
 |
 |
|||||||||||||
 |
|||||||||||||||
 |
|||||||||||||||
|
|||||||||||||||
|
|||||||||||||||
 |
|
|
|
|
||||||||||||
|
Security issue in Adobe Photoshop bitmap and .PNG files, could compromise designers' computers. Potential Adobe Photoshop bitmap and PNG security issueSecurity researcher reveals potential Photoshop bitmap file and PNG graphic vulnerability. A security researcher known as Marsu has discovered a security issue in two graphics file formats, Bitmap and PNG. The flaw, announced via security website Secunia, shows that the image editing application Adobe Photoshop CS2, and possibly the new version of Photoshop, CS3, contain a security vulnerability that could potentially compromise users' computers. The flaw is caused by an error in the BMP.8BI Photoshop Format Plugin when dealing with Bitmap files. This may allow hackers to exploit the situation by causing a stack-based buffer overflow via a customised .BMP file. The vulnerability can also affect bitmaps with the file extensions .DIB and .RLE. According to Secunia the security flaw has been confirmed as affecting Photoshop CS2 and CS3, but may also affect other versions. Although the vulnerability was tested under Windows XP, there was no mention as to whether the security risk was limited to the Microsoft Windows operating system, or whether it could also affect Apple Macintosh OS X computers. A similar security hole has also been discovered in the .PNG file format and affects both Photoshop and Adobe Photoshop Elements. At this stage there is no patch from Adobe, and the advice given by Secunia is not to open un-trusted Bitmap or .PNG files. The .BMP bitmap file format is rarely used by graphic designers as a final artwork file. But this format is sometimes supplied by clients, or used as an attachment in emails. The .PNG file format is generally used by web designers, although it is not as popular as the .GIF and .JPEG formats.
|
|
|||||||||||||||
|
||||||||||||||||