Cyber Monday Deals Still Available Deals Under $25 Deals Under $50 Giving Tuesday Tech Fails of 2022 Best Live TV Streaming Service WHO Renames Monkeypox Change These Alexa Settings
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Critical flaw found in Photoshop plug-in

Vulnerability in graphics-file format plug-in discovered in Adobe Systems' Photoshop Creative Suite.

Security researchers have found a "highly critical" flaw in the portable-network graphics plug-in for the latest version of Adobe Systems' Photoshop Creative Suite, as well as for other versions of the software that run on Windows.

The portable-network graphics, or PNG, plug-in vulnerabilities were discovered in Adobe Photoshop Creative Suite 3 (CS3), Photoshop CS2, and Adobe Photoshop Elements (Editor) version 5.0 for Windows, according to a report released Monday by Secunia, which cited a researcher named "Marsu" with the discovery. Marsu tested a public exploit against versions of the software running Windows XP SP2.

These security flaws follow a report last week by Marsu that identified another set of critical vulnerabilities in Adobe Photoshop CS3 and CS2 for Windows.

The vulnerabilities reported on Monday can be exploited via a boundry error in the PNG.8BI Photoshop format plug-in when processing PNG files. Using a malicious PNG file, attackers can exploit the flaws to launch a buffer overflow attack to compromise the user's system.