Until a few days ago, Adobe had decided not to fix one of its security vulnerabilities. Instead, it tried pushing the next release of its Creative Studio, CS6 as a solution to a critical security issue. This was wrong on multiple levels and was downright unacceptable. The intellectuals and Adobe received thumbs down for this decision. Finally seeing the wrong it has done, now Adobe has decided to retract its decision, and has announced that it is releasing a security fix for the CS5 after all.
Adobe is notorious for having security vulnerability in its products. For a company that is known for having poor security and releasing numerous fixes every few days, Adobe should take extra care when handling matters like these. Now that Adobe has come out in support of a security fix, it is being given the benefit of doubt by The Verge.
The confusion seemingly came from the original wording of the Adobe product security bulletin, which stated, “Adobe Photoshop CS6 addresses these vulnerabilities” without mentioning that a security patch for older versions was being worked on.
However, the security fix is not a complete one. Adobe is supposed to support all versions of its Creative Suite. However, the fix is appearing only on the CS5 for now. This means, CS4, which is also a supported version still remains vulnerable. This lax attitude from Adobe in time when hacks are the order of the day is appalling.