The company’s latest patch for Photoshop addresses what Adobe calls “critical” vulnerabilities in Photoshop CS4 11.01 and earlier for Windows and Mac, according to its latest security bulletin.
The exploit, says Adobe, could allow attackers to take control of successfully exploited systems. “A malicious .ASL, .ABR, or .GRD file must be opened in Photoshop CS4 by the user for an attacker to be able to exploit these vulnerabilities”, said the notice.
Adobe is recommending that Photoshop CS4 users update to Photoshop CS4 11.0.2; the company says that this exploit does not affect Photoshop CS5.
Gjoko Krstic of Zero Science Lab has been given credit by Adobe for discovering and reporting the vulnerabilities.