A recently published update for the Adobe Creative Cloud graphics service has been pulled by Adobe following reports that the Mac version of the software may delete important user data with no warning.
Backblaze, a data backup service, has been hit hardest by the bug, with their official providing some insight into the issue. Whenever a user signs into the Adobe Creative Cloud service after the update, a script is run that automatically deletes the first folder found in the root directory of the Mac. Due to Backblaze’s reliance on a hidden folder named .bzvol, it has been hit harder than many other software or services, as this required folder is likely to be the first directory in the root.
In an email, Backblaze Marketing Manager Yev Pusin wrote “This caused a lot of our customers to freak out. The reason we saw a huge uptick from our customers is because Backblaze’s .bzvol is higher up the alphabet. We tested it again by creating a hidden file with an ‘.a’ name, and the files inside were removed as well.” A number of Backblaze officials have posted videos of the bug in action online. The only version that seems to be causing the unwanted deletions is 126.96.36.199.
Even those who don’t use the Backblaze service are suffering effects potentially dangerous to their system with the.DocumentRevisions-V100, which is required for Mac autosave and version history to function, being high up alphabetically. Folders with spaces are also at risk, and as a result, the data of users who store important files in them, with OSX sorting said folders to the top entry on the hard drive.
Adobe has already addressed the issue, with an Adobe spokesperson stating “We are aware that some customers have experienced this issue and we are investigating in order to resolve the matter as quickly as possible. We are stopping the distribution of the update until the issue has been resolved.” Anyone who is yet to install the update should refrain from doing so, and those who have should avoid logging in to the service until a fix is published. For those who already have the update have a workaround available, by creating a folder sorted higher alphabetically than any other on the drive. An obvious example would be “.aaaaaa”, but Backblaze has suggested the more amusing “.adobedontdeletemybzvol.”
It is amazing how a bug this major can be allowed to go live without being spotted and there is always the possibility of sabotage with an unscrupulous employee or hacker hiding the script in the code. Until Adobe releases more news on the issue and a fix, we don’t know, but it should certainly make many users a lot more wary of the service.