Jump to content
Sign in to follow this  
threegee

Serious Vulnerability In Adobe Reader

Recommended Posts

Upshot is that you shouldn't open any .PDF files that you aren't fully aware of the source of. The vulnerability is being exploited so this is not just academic stuff! Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1 are all affected, and there are no fixes just yet.

http://www.computerw...researchers_say

The exploit drops and loads two DLL files on the system. One file displays a bogus error message and opens a PDF document that's used as a decoy, the FireEye researchers said.

Remote code execution exploits regularly cause the targeted programs to crash. In this context, the fake error message and second document are most likely used to trick users into believing that the crash was the result of a simple malfunction and the program recovered successfully. Meanwhile, the second DLL installs a malicious component that calls back to a remote domain, the FireEye researchers said.

Adobe said it is working on an emergency patch for the popular document reader. In the meantime, it urges users to enable the product's Protected View feature, which is off by default.

Share this post


Link to post
Share on other sites

Another reason to use foxit reader.

Was just gonna say that

Share this post


Link to post
Share on other sites

Acrobat and Reader XI

Feb 20, 2013 11.0.02 OOC* Latest release. This patch fixes specific security issues.

Acrobat and Reader X

Feb 20, 2013 10.1.6 OOC* Latest release. This patch fixes specific security issues.

Acrobat and Reader 9.x and 8.x

Feb 20, 2013 9.5.4 OOC* Latest release. This patch fixes specific security issues.

...allegedly! :)

*Out-of-cycle patch (OOC): An update targeted at security fixes. These noncumulative patch files contain few functional updates with the intention to limit impact.

Share this post


Link to post
Share on other sites

Create a free account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

Hide Adverts


  • Latest News

    • Want the top news headlines sent to your inbox daily? Sign up to our FREE newsletter below
      Almost two-thirds of residents feel the Government was too late introducing a local lockdown in the North East as Covid-19 cases continue to rocket, according to a ChronicleLive survey.
      Tighter restrictions were imposed across the region's seven council areas on September 18 in a bid to combat the spike in coronavirus cases.
      But numbers continue to soar at an alarming rate, with North East cases more than doubling to 2,524 in the week leading to September 21 from 1,107 in the previous seven days.
      According to Public Health England data covering the seven days to September 22, Newcastle now has the highest rate of infection in the North East and the fifth-highest in England – with the city’s numbers almost tripling.
      Newcastle recorded 632 new cases in that week, with an infection rate of 208.7 per 100,000 people. That was compared to 224 new cases and a rate of 74 in the previous 7 days.
      South Tyneside had previously had the second-highest rate in England, but is now eighth according to the latest figures. The borough recorded 301 new cases with an infection rate of 199.4 per 100,000.

  • Latest Topics

×
×
  • Create New...