Major Vulnerability Announced in Adobe Software

By | May 17, 2012

Adobe is the leader in graphics and illustrations for the web. Most midsize businesses use graphics created by the Adobe Photoshop and Flash applications, and Adobe's Reader software is the primary application for viewing read-only documents. When the news was released that Adobe's Flash and Illustrator products had vulnerabilities, the company refused to patch its software to protect users' computers. Adobe recently changed its stance on patches, and released updates for vulnerable software.

Adobe Products and JavaScript

Adobe Flash and the Reader applications are vulnerable to malware because they implement JavaScript to run some procedures. Flash users must install the Flash software and run videos in the browser to view a website created in Flash.

The biggest vulnerability announced was with the Adobe Flash software. If users are running an older version of Flash, a hacker is able to take over the computer and insert malware. Typically, a hacker inserts malware that allows the hacker to gain access to website or email passwords. The information is uploaded to the hacker's server, and the data is collected to either sell or use for the hacker's own purposes.

ComputerWorld announced that Adobe had initially told users to patch Microsoft Windows to avoid being hacked, but after demands from technology experts, Adobe released a patch for the Flash system. The patch protects users who view Flash movies in the browser, including Internet Explorer, Safari, Firefox, and Chrome.

Patching Your System

Adobe confirmed the security bug and offered a patch for the Microsoft and Apple operating systems. The security patch should be run on any system running Adobe Photoshop, Illustrator or just the Flash creation software. The security flaw allows a hacker to take control of the computer, so users are urged to patch the system to avoid having passwords and private information stolen.

The best protection from future security flaws is to always keep antivirus software updated on your system. Antiviruses do not always protect you from new viruses, but you can also avoid vulnerabilities by updating the Windows operating system using the update system included with Windows 7, Vista, and XP. The patches are sometimes distributed before the antivirus software updates the virus definition files, so using both methods protects your computers from being infected with malware.

The protection stops hackers from obtaining data from internal employee computers, so business owners and IT managers should always keep updates and antivirus software installed and watch network resources for any suspicious activity.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...