Critical Security Vulnerability in Adobe Acrobat and Reader
Nearly everyone working on the web uses PDF files from time to time. If you use Adobe Acrobat or Adobe Reader to view those PDF files, be warned that Adobe yesterday issued a security bulletin about a critical vulnerability affecting its software.
A buffer overflow exploit has been discovered that could render your computer vulnerable to attack; a malicious party could potentially use the exploit to take control of your machine. All versions of Acrobat and Reader from 7 onwards on all platforms are vulnerable to attack. Patches to these products will not be available until March 11th. Until Adobe issue an update, it may be advisable to switch to an alternative PDF reader (Foxit works well for Windows), and, as always, it would be a good idea to make sure that your antivirus software is up-to-date and exercise extreme caution when opening files from untrusted sources.
(via DownloadSquad)
Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.
I recently had 2 Joomla sites hacked, the hack was modifying the index.php to attempt to push a corrupt PDF to visitors. I wonder if the intention was to use this exploit.
http://www.agilemicroisv.com/2009/01/joomla-sites-hacked.html
I have never liked Adobe or their software. Constantly trying to update itself and failing and being bothersome overall.
And this news is very distressing to me. Get your head together adobe!
Wow, *another* security problem with Adobe Reader. Such a surprise.
I think Adobe knew about this before mid October 2007. An interesting security attitude!!
this news is very distressing to me. Get your head together adobe!
That’s Great! Thanks for the post!