Forum Thread: end-of-life

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Illustrator CS4 14.x

This thread has been marked as locked.
quickjaw end-of-life
Member 6th Dec, 2010 19:21
Ranking: 0
Posts: 2
User Since: 27th Apr, 2009
System Score: N/A
Location: N/A
Last edited on 6th Dec, 2010 19:21

I have a problem with Adobe Illustrator CS4 and I'm not sure how to proceed.

Secunia is reporting it as end-of-life (which I find hard to believe) with the installation Path

C:\Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe

The Extra information deals with an entirely different file - MPS.dll

-----
Extra Information / Known Issues with Adobe Illustrator CS4
In order to install the latest patch, please follow these instructions from adobe:
http://www.adobe.com/support/security/bulletins/ap...
-----

This is also the file that is downloaded after clicking the Download Solution Button.

That patch has already been applied - and I can find no information on the adobe site.

Any Thoughts, suggestions?

Jay Charland
jay@wcr.ab.ca

mogs RE: end-of-life
Member 6th Dec, 2010 20:04
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Hello.
Don't know what version of psi you are using. Tho' Secunia is showing the program as End of Life......is there another entry in the Patched tab ? Very often the older version/file is not automatically removed and psi will continue to detect....even if in the Recycle bin.
Hope this helps......regards,

--
Was this reply relevant?
+0
-0
Anthony Wells RE: end-of-life
Expert Contributor 6th Dec, 2010 20:34
Score: 2495
Posts: 3,386
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 6th Dec, 2010 20:57
Hello Jay ,

Here is the last "unpatched/not fully patched" Secunia Advisory for Illustrator CS4 which has just been updated as of 06/12/2010 and states the need to update to version 15.0.2 :-

http://secunia.com/advisories/41134/

If Adobe have not got a 15.0.2 for I CS4 and have decided to make "it end of life" then it (I CS4) will stay un-patched and insecure .

The link in your thread is for a I CS4 version 14.0.0 patch dating to 07/01/2010 and probably not relevant provided it has been applied in the past .

Here is a list off all I CS4 SA's since 2003 :-

http://secunia.com/advisories/product/28054/?task=...

and with 41134 highlighted .

The only safe option would appear to be to update to I CS5 15.0.2 .

Does that explain things for your system .

Anthony

PS : I believe this type of vulnerability can be mitigated using this M$ tool :-

http://www.microsoft.com/downloads/en/details.aspx...

ddmarshall is the expert in this field , hopefully he might comment here ; this is an earlier thread from him on the subject :-

http://secunia.com/community/forum/thread/show/538...



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
ddmarshall RE: end-of-life
Dedicated Contributor 6th Dec, 2010 21:08
Score: 1250
Posts: 992
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Last edited on 6th Dec, 2010 21:10
I've not seen anything about support for CS4 ending but Secunia should be better informed than I am.

There was a security update to CS5 last week without a corresponding update to CS4 and CS3. This was identified as a library-loading vulnerability. If the same issue affects CS4, it can be mitigated with KB2264107:
http://support.microsoft.com/kb/2264107 .

EMET is always worth experimenting with.

--
Was this reply relevant?
+0
-0
Anthony Wells RE: end-of-life
Expert Contributor 6th Dec, 2010 21:24
Score: 2495
Posts: 3,386
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Thanks , ddm . An upgrade from I CS4 to 5 is about 200 bucks , so I'm sure Jay will value your advice .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Timma.Ampler RE: end-of-life
Member 6th Dec, 2010 22:17
Score: 0
Posts: 1
User Since: 6th Dec 2010
System Score: N/A
Location: US
Try to off your anti-virus software.
The problem is that the bulk of the population using the anti-virus software will see a vulnerability listed ten times, when there is only a real vulnerability once (for Illustrator). An order of magnitude more false positives than true positives in the alerting. Or, if the patch has already been applied (so Illustrator's MPS.dll file is no longer a threat), KAV will presumably not identify Illustrator's MPS.dll file as a threat, then falsely alert users about nine other MPS.dll files. It encourages people to ignore these warnings altogether as rarely being real.
Was this reply relevant?
+0
-0
mogs RE: end-of-life
Member 7th Dec, 2010 09:18
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+1
-0

This thread has been marked as locked.