Researcher builds home-made Adobe flaw patch

By on
Researcher builds home-made Adobe flaw patch

A researcher at threat management firm Sourcefire has published a home-made patch for the flaw that Adobe warned about on Friday.

Adobe had said that it would take until March 11 to build a patch for the flaw in Adobe Reader and Acrobat, which allows remote code execution on targeted systems.

Adobe said that hackers were already using the attack.

But Lurene Grenier, a senior research engineer with the Sourcefire Vulnerability Research Team (VRT), took time off this Sunday and has created her own patch, which she says should work on Windows systems.

“People seemed a bit worried about the Adobe Reader bug, so I figured I'd take a bit of time this morning and create a home brew patch for people to protect themselves with until March 11th rolls around,” she wrote on the company blog.

“I made this patch using only windbg and a cr***y hex editor because I'm at home now. It may not prevent all attacks on jbig2 - it WILL prevent all current attacks using the method I described, but there may be others. No warranty expressed or implied, etc etc.”

The patch will be something of an embarrassment to Adobe, which has been criticised by some for its slow response to the threat.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©

Most Read Articles

Log In

  |  Forgot your password?