Adobe grappling with another PDF vulnerability

Powered by SC Magazine
 

Adobe again is staring down a zero-day vulnerability in its popular Reader software, according to a new security advisory.

According to the alert this week from Security Focus, Adobe Reader contains a JavaScript flaw that can be exploited to execute arbitrary code or crash the application.

Versions 9.1 and 8.1.4 are vulnerable, though other builds also may be impacted, the advisory said.

David Lenoe, posting on the Adobe Product Security Incident Response Team blog, said that the company was investigating reports and plans to release an update once it has more information.

Earlier this year, Adobe faced the music over another PDF flaw, which was being targeted in active attacks but took the software giant weeks to patch. Some observers criticised the company for the delayed disclosure of the bug and the subsequent slow fix, while others recommended using alternative PDF readers, such as Foxit.

Adobe representatives defended their stance, saying they did not want to reveal too much information to the bad guys. The company advised users to disable JavaScript until it delivered a patch, which was issued in March.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


Adobe grappling with another PDF vulnerability
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 341

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote