Wednesday, February 25, 2009

adobe.photoshop.macintosh - 26 new messages in 5 topics - digest

adobe.photoshop.macintosh
http://groups.google.com/group/adobe.photoshop.macintosh?hl=en

adobe.photoshop.macintosh@googlegroups.com

Today's topics:

* Really big stupid bug in CS4! - 2 messages, 2 authors
http://groups.google.com/group/adobe.photoshop.macintosh/t/dbbeb65f5721de6c?hl=en
* Found a bug and why your cursor selection is off 10 pixels. - 2 messages, 2
authors
http://groups.google.com/group/adobe.photoshop.macintosh/t/cf0fb24bed0cad49?hl=en
* New Adobe security bulletin -- all platforms - 15 messages, 3 authors
http://groups.google.com/group/adobe.photoshop.macintosh/t/c2eee593505594d0?hl=en
* MacBook Pro - 3 messages, 2 authors
http://groups.google.com/group/adobe.photoshop.macintosh/t/9f79b77aed8125df?hl=en
* Another Adobe vulnerability: now it's Flash - 4 messages, 3 authors
http://groups.google.com/group/adobe.photoshop.macintosh/t/80838ca1ec3b6442?hl=en

==============================================================================
TOPIC: Really big stupid bug in CS4!
http://groups.google.com/group/adobe.photoshop.macintosh/t/dbbeb65f5721de6c?hl=en
==============================================================================

== 1 of 2 ==
Date: Wed, Feb 25 2009 7:04 am
From: Joakim_Markussen@adobeforums.com


I dont think so. Here is the report:

Date/Time: 2009-02-25 16:01:44.592 +0100
OS Version: 10.4.11 (Build 8S165)
Report Version: 4

Command: Adobe Photoshop CS4
Path: /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/MacOS/Adobe Photoshop CS4
Parent: WindowServer [109]

Version: 11.0.1 (11.0.1x20090216 [20090216.r.522 2009/02/16:17:00:00 cutoff; r branch]) (11.0.1)

PID: 947
Thread: 0

Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0x73c00000

Thread 0 Crashed:
0 <<00000000>> 0x73c00000 0 + 1941962752
1 com.adobe.Photoshop 0x00315264 0x1000 + 3228260
2 SH2Selective.8li 0x12782074 Filter__14cPSEventFilterFUlP5_ADsclPv + 676
3 com.adobe.Photoshop 0x002d7c78 0x1000 + 2976888
4 com.adobe.Photoshop 0x0008ed0c 0x1000 + 580876
5 com.adobe.Photoshop 0x0008b998 0x1000 + 567704
6 com.adobe.Photoshop 0x0007fab4 0x1000 + 518836
7 com.adobe.Photoshop 0x000828d4 0x1000 + 530644
8 com.adobe.Photoshop 0x00082b58 0x1000 + 531288
9 com.adobe.Photoshop 0x00845010 0x1000 + 8667152
10 com.adobe.Photoshop 0x0007fe5c 0x1000 + 519772
11 com.adobe.Photoshop 0x002c26d8 0x1000 + 2889432
12 com.adobe.Photoshop 0x002c2b10 0x1000 + 2890512
13 com.adobe.Photoshop 0x00003d7c 0x1000 + 11644
14 com.adobe.Photoshop 0x00003a80 0x1000 + 10880

Thread 1:
0 libSystem.B.dylib 0x9003248c wait4 + 12
1 com.apple.Foundation 0x92be378c _waitForTermination + 40
2 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 2:
0 libSystem.B.dylib 0x9002bfc8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030aac pthread_cond_wait + 480
2 com.adobe.amt.services 0x0991ef58 AMTConditionLock::LockWhenCondition(int) + 56
3 com.adobe.amt.services 0x09919b70 AMTThreadedPCDService::PCDThreadWorker(_AMTThreadedPCDService*) + 104
4 com.adobe.amt.services 0x0991effc AMTThread::Worker(void*) + 48
5 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 3:
0 libSystem.B.dylib 0x9000af48 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000ae9c mach_msg + 60
2 ...ple.CoreServices.CarbonCore 0x90baaa48 TS_exception_listener_thread + 112
3 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 4:
0 libSystem.B.dylib 0x9002bfc8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030aac pthread_cond_wait + 480
2 ...ple.CoreServices.CarbonCore 0x90c04484 MPWaitOnSemaphore + 184
3 MultiProcessor Support 0x0c967a8c dyld_stub_strcmp + 210933580
4 ...ple.CoreServices.CarbonCore 0x90bc6734 PrivateMPEntryPoint + 76
5 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 5:
0 libSystem.B.dylib 0x9002bfc8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030aac pthread_cond_wait + 480
2 ...ple.CoreServices.CarbonCore 0x90bc6924 MPWaitOnQueue + 224
3 AdobeACE 0x02632a8c dyld_stub_sqrtf + 39235724
4 AdobeACE 0x02632410 dyld_stub_sqrtf + 39234064
5 ...ple.CoreServices.CarbonCore 0x90bc6734 PrivateMPEntryPoint + 76
6 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 6:
0 libSystem.B.dylib 0x90040df8 mach_wait_until + 8
1 libSystem.B.dylib 0x90040bc4 nanosleep + 388
2 com.adobe.PSAutomate 0x1db6312c ScObjects::Thread::sleep(unsigned) + 144
3 com.adobe.PSAutomate 0x1db63234 ScObjects::Thread::wait(unsigned) + 56
4 com.adobe.PSAutomate 0x1db51818 ScObjects::BridgeTalkThread::run() + 436
5 com.adobe.PSAutomate 0x1db635d4 ScObjects::Thread::go(void*) + 316
6 libSystem.B.dylib 0x9002b908 _pthread_body + 96

Thread 0 crashed with PPC Thread State 64:
srr0: 0x0000000073c00000 srr1: 0x100000000000d030 vrsave: 0x0000000000000000
cr: 0x44004204 xer: 0x0000000000000000 lr: 0x00000000002e381c ctr: 0x0000000073c00002
r0: 0x00000000002e380c r1: 0x00000000bffff210 r2: 0x0000000000182f9c r3: 0x0000000000750072
r4: 0x000000001ef683a0 r5: 0x0000000000000000 r6: 0x0000000000000000 r7: 0x0000000000000000
r8: 0x000000001efcd6b0 r9: 0x0000000000000500 r10: 0x0000000090bb0584 r11: 0x00000000bffff1e0
r12: 0x0000000073c00002 r13: 0x0000000000000000 r14: 0x0000000000000000 r15: 0x0000000000000000
r16: 0x0000000000000000 r17: 0x0000000000000000 r18: 0x0000000000000000 r19: 0x0000000000000000
r20: 0x00000000bffff63c r21: 0x0000000005672980 r22: 0x0000000094cbdedc r23: 0x0000000000000001
r24: 0x00000000bffff650 r25: 0x000000000d1ddf18 r26: 0x00000000736c6374 r27: 0x0000000000000ee0
r28: 0x000000000d1dded8 r29: 0x000000000d1dde70 r30: 0x00000000bffff2fc r31: 0x0000000000000500

Binary Images Description:
0x1000 - 0x1e00fff com.adobe.Photoshop 11.0.1 (11.0.1x20090216 [20090216.r.522 2009/02/16:17:00:00 cutoff; r branch]) (11.0.1) /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/MacOS/Adobe Photoshop CS4
0x2453000 - 0x24bdfff AdobeXMP /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeXMP.framework/Versions/A/AdobeXMP
0x24cb000 - 0x24e8fff AdobeBIB /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeBIB.framework/Versions/A/AdobeBIB
0x24f1000 - 0x24f6fff com.adobe.AdobeCrashReporter 2.5 (3.0.20080806) /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeCrashReporter.framework/Versions/A/AdobeCrashReporter
0x2605000 - 0x2707fff AdobeACE /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeACE.framework/Versions/A/AdobeACE
0x2722000 - 0x2744fff AdobeBIBUtils /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeBIBUtils.framework/Versions/A/AdobeBIBUtils
0x2750000 - 0x276ffff AdobePDFSettings /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobePDFSettings.framework/Versions/A/AdobePDFSettings
0x2787000 - 0x27aefff AdobeAXE8SharedExpat /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeAXE8SharedExpat.framework/Versions/A/AdobeAXE8SharedExpat
0x27be000 - 0x27d9fff libicudata.dylib.36.0 /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/ICUData.framework/Versions/3.6/libicudata.dylib.36.0
0x27dc000 - 0x27f1fff com.adobe.LogTransport 1.0 /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/LogTransport.framework/Versions/A/LogTransport
0x3008000 - 0x3430fff com.adobe.linguistic.LinguisticManager 4.0.0 (7863) /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeLinguistic.framework/Versions/3/AdobeLinguistic
0x34e0000 - 0x36d6fff AdobeOwl /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeOwl.framework/Versions/A/AdobeOwl
0x3747000 - 0x3b37fff AdobeMPS /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeMPS.framework/Versions/A/AdobeMPS
0x3bc0000 - 0x3ec7fff AdobeAGM /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeAGM.framework/Versions/A/AdobeAGM
0x3f7a000 - 0x4211fff AdobeCoolType /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/AdobeCoolType.framework/Versions/A/AdobeCoolType
0x428d000 - 0x4327fff libicucnv.dylib.36.0 /Applications/Adobe Photoshop CS4/Adobe Photoshop CS4.app/Contents/Frameworks/ICUConverter.framework/Versions/3.6/libicucnv.dylib.36.0
0x4353000 - 0x4


== 2 of 2 ==
Date: Wed, Feb 25 2009 8:53 am
From: DYP@adobeforums.com


No problem here. Just a dialog box that says "Could not use the move tool because no layers are selected".

==============================================================================
TOPIC: Found a bug and why your cursor selection is off 10 pixels.
http://groups.google.com/group/adobe.photoshop.macintosh/t/cf0fb24bed0cad49?hl=en
==============================================================================

== 1 of 2 ==
Date: Wed, Feb 25 2009 7:07 am
From: Matthias_Lemcke@adobeforums.com


Opening a Smart Object while in full screen mode also triggers the problem. Hitting the f-key and thereby changing the screen mode sets the cursor back to normal.


== 2 of 2 ==
Date: Wed, Feb 25 2009 7:12 am
From: Ramón_G_Castañeda@adobeforums.com


Hitting the f-key and thereby changing the screen mode sets the cursor
back to normal.


Interesting. Thanks, Matthias.

Incidentally, for those of us experiencing the 1-pixel displacement of the marching ants when using Command+A or the marquee tool, switching away from the Standard View also solves the problem.

==============================================================================
TOPIC: New Adobe security bulletin -- all platforms
http://groups.google.com/group/adobe.photoshop.macintosh/t/c2eee593505594d0?hl=en
==============================================================================

== 1 of 15 ==
Date: Wed, Feb 25 2009 7:07 am
From: Neil_Keller@adobeforums.com


Ramón,

Agreed. Of course, even PDFs from "known" sources can be compromised. IIRC, about 10-12 years ago, Corel distributed their own boxed software with a Mac-only virus actually burned into the CDs by accident.

So, obviously, downloads from shady sources should always be avoided. Yet, that doesn't mean we should let our guard down with files sent from clients or file downloads from well-known and respected sources.

Neil


== 2 of 15 ==
Date: Wed, Feb 25 2009 7:07 am
From: Ramón_G_Castañeda@adobeforums.com


<http://news.cnet.com/8301-1009_3-10168266-83.html>


== 3 of 15 ==
Date: Wed, Feb 25 2009 7:08 am
From: Ramón_G_Castañeda@adobeforums.com


Neil,

Shame on you for trusting Corel! :D


== 4 of 15 ==
Date: Wed, Feb 25 2009 7:12 am
From: Neil_Keller@adobeforums.com


From Ramón's link:

Symantec, meanwhile, reports seeing the exploit used against only a few
government agencies and large corporations, and within those organizations,
only a few people are targeted, said Kevin Haley, a Symantec Security
Response director.


So even major corps and government agencies can harbor malicious PDF documents.

Neil


== 5 of 15 ==
Date: Wed, Feb 25 2009 7:14 am
From: Ramón_G_Castañeda@adobeforums.com


There's much evil in "major corps and government agencies". ;)


== 6 of 15 ==
Date: Wed, Feb 25 2009 7:16 am
From: Neil_Keller@adobeforums.com


Ramón,

Shame on you for trusting Corel!


Hey, it was cheap! <g>

Neil


== 7 of 15 ==
Date: Wed, Feb 25 2009 7:23 am
From: Ramón_G_Castañeda@adobeforums.com


MacWorld:


== 8 of 15 ==
Date: Wed, Feb 25 2009 7:28 am
From: Neil_Keller@adobeforums.com


More:

Macworld: <http://www.macworld.com/article/139007/2009/02/acrobat_vulnerability.html>
Also: multiplatform Flash vulnerability fixed: <http://www.macworld.com/article/139030/2009/02/adobeflash.html>

Neil


== 9 of 15 ==
Date: Wed, Feb 25 2009 7:44 am
From: Ramón_G_Castañeda@adobeforums.com


I've disabled Java in Acrobat and Reader. Updated Flash.

Disabling Java takes care of the Acrobat/Reader flaw, and the patch for Flash 10 released on 2/5/2009 takes care of the issue in that application.


== 10 of 15 ==
Date: Wed, Feb 25 2009 7:55 am
From: Jim_Jordan@adobeforums.com


From Neil's first link:

However, the vulnerability is not in the scripting engine and, therefore,
disabling JavaScript does not eliminate all risk.


Disabling Javascript just lessens your risk. It does not make you entirely safe.

The fact that Acrobat/Reader and Flash have been patched in the past for the very same issue makes me wonder why this particular alert is any more serious. Even Apple has issued security updates to address PDF and SWF in the past.

The increased publicity of this particular warning and the fact that disabling Javascript does not cure everything makes me think that the exploit is probably very simple and could be replicated on a much larger scale than anything prior.


== 11 of 15 ==
Date: Wed, Feb 25 2009 8:01 am
From: Neil_Keller@adobeforums.com


The added risk is not in the exploitation of this vulnerability as it exists so far, it is in it potential of additional (perhaps more serious) exploits possible (and expected) with the current vulnerability.

One temporary option suggested is to open PDFs with Preview, which apparently does not suffer the same vulnerability as Reader or Acrobat do.

Neil


== 12 of 15 ==
Date: Wed, Feb 25 2009 8:10 am
From: Jim_Jordan@adobeforums.com


The risk is not just in the exploitation of this vulnerability as it exists
so far, it is in it potential of additional (perhaps more serious) exploits
possible (and expected) with the current vulnerability.


That is the same as it was for previous security updates to Acrobat/Reader. Previous security updates have also been released to prevent the same type of attack. The following (presented in your first link) is not new text.

"This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system"

Look at this from last year. <http://www.adobe.com/support/security/bulletins/apsb08-13.html>

It is the same problem. The ability to take over a system (of any platform) through Acrobat/Reader has existed for years. The increased hype on this month's issue is just odd. This makes me think the exploit is much easier this time or else Adobe would not act so panicked.


== 13 of 15 ==
Date: Wed, Feb 25 2009 8:25 am
From: Neil_Keller@adobeforums.com


Jim,

I'm just the messenger. Variation of an old issue or not, the current threat is real and I'm taking it seriously.

Neil


== 14 of 15 ==
Date: Wed, Feb 25 2009 8:58 am
From: Ramón_G_Castañeda@adobeforums.com


Neil,

If it weren't serious, Adobe would not be compromising their reputation
by being public about it.


I agree. Adobe has a lot invested in PDF technology. They can't be too happy about seeing it compromised.


== 15 of 15 ==
Date: Wed, Feb 25 2009 9:02 am
From: Jim_Jordan@adobeforums.com


Rhetorical questions for deeper thoughts...

While we cannot guess Adobe's motivations in the increased publicity, why are we taking this threat seriously when it is no different than previous security issues with Acrobat/Reader? What has changed? Is it really news that Mac can be exploited?

This forum is filled with posts about how many of us do not care about security because we perceive safety on Mac. So why should we care about this threat when it is no different than all the others in the past?

It seems apparent that the myth about secure platforms is fading, even in this forum. Both OSX and Linux, two of the more 'secure' platforms, are clearly vulnerable.

==============================================================================
TOPIC: MacBook Pro
http://groups.google.com/group/adobe.photoshop.macintosh/t/9f79b77aed8125df?hl=en
==============================================================================

== 1 of 3 ==
Date: Wed, Feb 25 2009 7:12 am
From: Andrew_Neighbour@adobeforums.com


Thanks Guys! I am still hoping to hear from someone using a MacBook Pro with LR/CS4 to get a sense of how they perform together.
Thanks,
Andrew


== 2 of 3 ==
Date: Wed, Feb 25 2009 8:17 am
From: Neil_Keller@adobeforums.com


Andrew,

Fast CPUs, big hard drives, separate monitor, and a lot of RAM are always best. But laptops are always a compromise for the sake of portability. Understand that the best setup for heavy use is going to be a Mac tower. But if portability if key, the configuration you're looking at should work fine. As for RAM, the larger and more complex the files, the more apps you are using simultaneously, the more, the better. You should also consider adding a separate external drive for scratch.

Other good RAM sources: Crucial and RAMjet.

Neil


== 3 of 3 ==
Date: Wed, Feb 25 2009 8:18 am
From: Neil_Keller@adobeforums.com


Andrew,

Fast CPUs, multiple big hard drives, separate monitor, and a lot of RAM are always best. So laptops are always a compromise for the sake of portability. Understand that the best setup for heavy-duty use is generally going to be a Mac tower. But if portability if key, the configuration you're looking at should work fine. As for RAM, the larger and more complex the files, the more apps you are using simultaneously, the more, the better. You should also consider adding a separate external drive for scratch.

Other good RAM sources: Crucial and RAMjet.

Neil

==============================================================================
TOPIC: Another Adobe vulnerability: now it's Flash
http://groups.google.com/group/adobe.photoshop.macintosh/t/80838ca1ec3b6442?hl=en
==============================================================================

== 1 of 4 ==
Date: Wed, Feb 25 2009 7:28 am
From: Ramón_G_Castañeda@adobeforums.com


From ComputerWorld: Adobe patches Flash vulnerabilities for three platforms <http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9128583&intsrc=hm_list>

Dated today.

"The flaws affect Windows, Mac OS X and Linux"


== 2 of 4 ==
Date: Wed, Feb 25 2009 7:45 am
From: Ramón_G_Castañeda@adobeforums.com


I've disabled Java in Acrobat and Reader. Updated Flash.

Disabling Java takes care of the Acrobat/Reader flaw, and the patch for Flash 10 released on 2/5/2009 takes care of the issue in that application.


== 3 of 4 ==
Date: Wed, Feb 25 2009 8:03 am
From: Jim_Jordan@adobeforums.com


Disabling Java takes care of the Acrobat/Reader flaw


The Adobe tech alerts indicate otherwise <http://www.adobe.com/support/security/advisories/apsa09-01.html>. Disabling javascript helps but it is not a cure.


== 4 of 4 ==
Date: Wed, Feb 25 2009 8:05 am
From: Neil_Keller@adobeforums.com


Use Preview to open PDFs is suggested in the MacUser column of Macworld.com.

Neil


==============================================================================

You received this message because you are subscribed to the Google Groups "adobe.photoshop.macintosh"
group.

To post to this group, visit http://groups.google.com/group/adobe.photoshop.macintosh?hl=en

To unsubscribe from this group, send email to adobe.photoshop.macintosh+unsubscribe@googlegroups.com

To change the way you get mail from this group, visit:
http://groups.google.com/group/adobe.photoshop.macintosh/subscribe?hl=en

To report abuse, send email explaining the problem to abuse@googlegroups.com

==============================================================================
Google Groups: http://groups.google.com/?hl=en

0 comments:

Template by - Abdul Munir | Daya Earth Blogger Template