Adobe has decided to provide a software patch for a security flaw in Photoshop Creative Suite 5 (CS5), after previously sparking outrage by saying it would leave the flaw unpatched, so anyone who wanted to use the software securely would have to pay for an upgrade to the next version, CS6.
A fierce backlash apparently caused the vendor to think again: a security bulletin now promises a patch that will resolve the vulnerabilities in Adobe Photoshop CS5. Adobe is also working on patches for other vulnerabilities affecting CS5 products.
The vulnerabilities could have allowed an attacker to take control of an affected system.
A number of industry experts criticised Adobe for asking people to pay twice if they wanted to have a secure product. Graham Cluley, senior technology consultant at Sophos, said the update was “clearly preferable to Adobe customers’ only option being to pay hundreds of dollars to fix their software.”
Cluley had initially labelled the move “a PR disaster” for Adobe. “At first when I heard the news I thought there must be some mistake. Maybe Adobe’s security advisories had been worded poorly and although upgrading – for example, to PhotoShop CS6 – would fix the vulnerability, the firm would also roll out a free patch to users of earlier versions,” Cluley said in a blog post.
Adobe products have had a history of serious security flaws, but the company has usually moved fast to kill off threats, without charging users. In December, the company took some flak for not moving to patch some zero-day vulnerabilities when it said it would.
However, in April, it emerged Apple had reported more vulnerabilities than any other tech vendor in the first quarter of 2012.
Think you know security? Try our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…