Adobe Scrambling to Patch Illustrator Bug
An unidentified hacker has posted a proof of concept attack that shows how the vulnerability could be used to run unauthorized software on a victim's computer. Adobe says the users have to open a maliciously crafted Encapsulated PostScript (.eps) file in Illustrator for the attack to work. The flaw exists in Illustrator Creative Suite versions 13 and 14, says security vendor Secunia.
Next Tuesday, Adobe is already planning to fix other critical bugs in its Flash Player software, the same day Microsoft is planning its December Patch Tuesday release.