Fears over a reportedly unpatched flaw in Adobe Illustrator have been heightened by the release of exploit code. A zero-day flaw in the vector graphics editor means that users tricked into opening maliciously manipulated Encapsulated Postscript Files (.eps) files are liable to find themselves hacked. Successful exploitation of …
The worst bit is that flash isn't covered by the host OS updater or the browser (yet, though firefox may address this soon)- as least on my Windows and MacOS boxes. This situation is probably the cause of tonnes of unpatched installs- especially how bloody it can be to get the feckin' IE plugin to update (often needs sweeping out totally and reinstalling).
This sh*t needs sorting, and I don't mean by adobe forcing yet another terrible downloader on people.
Of course, my linux boxes will get the updates automagically when the distro updates, which is lovely. Secunia PSI will nag me on windows (worth installing, one of the few extra bits of cruft on my 'doze install). I need to make sure the Macs are up to date.
Yes, I use noscript, which controls flash too, but prefer paranoia to smugness..
A lot of "grey" copys of Illustratr CS3 out there
I wonder how many of them will be updated? And will the patch require any kind of "Adobe Genuine Advantage" style authentication.
Regular patch schedule
I think it's a bit rich to credit Adobe with having adopted a "regular patch schedule". Four times a year isn't it?