Adobe has confirmed a vulnerability in its Illustrator CS3 and CS4 software, a computer drawing tool, and plans to patch the buffer overflow bug on Jan. 8, according to an advisory issued Monday. The flaw, deemed “critical” by Adobe, could be exploited to execute arbitrary code on victim machines. As users await a fix, Adobe recommends they avoid opening .eps files from untrusted sources. — DK