Adobe Reader, Now Featuring Safety Patch
Core Security, company that specializes in penetration testing and provides security software solutions, has recently uncovered a buffer overflow-type security vulnerability in Adobe Reader as well as Adobe Acrobat. The vulnerability is locally and remotely exploitable, but it does not affect the latest Adobe Acrobat/Reader release version, version 9.0, nor does it affect the older 8.1.3 versions. An attacker could exploit this vulnerability only of you are using Adobe Reader and Adobe Acrobat v. 8.1.2.
That previous statement is not exactly accurate. What it should have said is that you are vulnerable to malicious attack if you keep using Adobe Reader 8.1.2 and Adobe Acrobat 8.1.2 without the recently released patch. For safety reasons it is important to update your Adobe software as soon as possible. Keep in mind that this is the only flaw ever to be discovered in this software product. The update will trigger itself automatically the next time you open Adobe Reader 8.1.2; if this does not occur, you can initiate a manual update by clicking on the Help tab and then Check for Updates.
“Adobe Reader suffers from a stack buffer overflow when parsing specially crafted (invalid) PDF files. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader. Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem,” says the Core Security advisory.
A security fix or patch has been made available as of Tuesday, the 4th of November. You are very well advised to patch the software or upgrade to v 8.1.3 or 9.0.
Tags: Adobe, Adobe Reader, Adobe Acrobat, Core Security
That previous statement is not exactly accurate. What it should have said is that you are vulnerable to malicious attack if you keep using Adobe Reader 8.1.2 and Adobe Acrobat 8.1.2 without the recently released patch. For safety reasons it is important to update your Adobe software as soon as possible. Keep in mind that this is the only flaw ever to be discovered in this software product. The update will trigger itself automatically the next time you open Adobe Reader 8.1.2; if this does not occur, you can initiate a manual update by clicking on the Help tab and then Check for Updates.
Advertising
“Adobe Reader suffers from a stack buffer overflow when parsing specially crafted (invalid) PDF files. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader. Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem,” says the Core Security advisory.
A security fix or patch has been made available as of Tuesday, the 4th of November. You are very well advised to patch the software or upgrade to v 8.1.3 or 9.0.
Tags: Adobe, Adobe Reader, Adobe Acrobat, Core Security
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 23 May 2013
Microsoft rolled out a new ad in which it uses Siri’s voice to highlight several things the iPad can’t do. This brings back memories of the famous “Get a Mac” ads that bashed Microsoft’s PCs.
By George Norman on 22 May 2013
The free 9GAG app for Android-powered devices has been updated to version 1.4 earlier this week. The update adds the option to upload posts to 9GAG from within the app.Related News
By George Norman on 20 May 2013
Need help keeping track of how much time you spend on completing tasks? If you do, check out the efficient 'Whatcha Doing?' application.
By George Norman on 28 Feb 2013
Photoshop’s image editing functionality is now available for your smartphone. Give your photos a magic touch with the recently released iOS and Android app, Adobe Photoshop Touch. Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Adobe Reader, Now Featuring Safety Patch
HTML Linking Code
HTML Linking Code