Adobe Introduces the Paid Security Fix 392
Nimey writes "Adobe has posted a security bulletin for Photoshop CS5 for Windows and OSX. It seems there is a critical security hole that will allow attackers to execute arbitrary code in the context of the user running the affected application. Adobe's fix? You need to pay to upgrade to Photoshop CS6. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."
Ugh (Score:3, Informative)
If this was a years-old version, I'd understand, but CS5 was the latest version until literally days ago!
Re:Call it the Microsoft method (Score:5, Informative)
Sorry but Microsoft does the best at offering security fixes at no cost. I can't think of another company that does it better than Microsoft.
Re:Ugh (Score:0, Informative)
That's incorrect. Photoshop, Illustrator, Fireworks, and Contribute weren't updated in CS5.5. See here [prodesigntools.com].
Re:Call it the Microsoft method (Score:5, Informative)
Windows: Pirate our software, we'll still give you security fixes (although we might put a watermark asking you to stop pirating it)
Adobe: Buy our software, but you only get security fixes if you give us even more money.
Hell, MS gives security fixes even to XP until 2014 (13 years after its release). CS5 is less than 2 years old.
They knew over six months ago! (Score:4, Informative)
Re:A non story (Score:4, Informative)
Re:Call it the Microsoft method (Score:3, Informative)
Actually, if by "RHEL from 2008" you mean RHEL5 then you were quite wrong. Apparently, redhat promises security updates at last until sometime in 2017:
https://access.redhat.com/support/policy/updates/errata/ [redhat.com]
Re:Slight correction (Score:4, Informative)
And it has only been released for purchase for a few DAYS. It was released this week (the week of the 7th).
Almost makes me wonder if they new about the problem and only acknowledged it now so they didn't have to patch it for free. captcha revenues
Re:Call it the Microsoft method (Score:3, Informative)
This is not support. This is fixing something that was broke in the first place.
Re:Call it the Microsoft method (Score:4, Informative)
So are you offering to pay $10K or more for this hypothetical near-perfect software?
or will you pay $200 and accept that there may be bugs (and that the company will offer fixes for major security issues for x years) ?
It all comes down to economics at some point.