Jump to content
Sign in to follow this  
threegee

Serious Vulnerability In Adobe Reader

Recommended Posts

Upshot is that you shouldn't open any .PDF files that you aren't fully aware of the source of. The vulnerability is being exploited so this is not just academic stuff! Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1 are all affected, and there are no fixes just yet.

http://www.computerw...researchers_say

The exploit drops and loads two DLL files on the system. One file displays a bogus error message and opens a PDF document that's used as a decoy, the FireEye researchers said.

Remote code execution exploits regularly cause the targeted programs to crash. In this context, the fake error message and second document are most likely used to trick users into believing that the crash was the result of a simple malfunction and the program recovered successfully. Meanwhile, the second DLL installs a malicious component that calls back to a remote domain, the FireEye researchers said.

Adobe said it is working on an emergency patch for the popular document reader. In the meantime, it urges users to enable the product's Protected View feature, which is off by default.

Share this post


Link to post
Share on other sites

Another reason to use foxit reader.

Was just gonna say that

Share this post


Link to post
Share on other sites

Acrobat and Reader XI

Feb 20, 2013 11.0.02 OOC* Latest release. This patch fixes specific security issues.

Acrobat and Reader X

Feb 20, 2013 10.1.6 OOC* Latest release. This patch fixes specific security issues.

Acrobat and Reader 9.x and 8.x

Feb 20, 2013 9.5.4 OOC* Latest release. This patch fixes specific security issues.

...allegedly! :)

*Out-of-cycle patch (OOC): An update targeted at security fixes. These noncumulative patch files contain few functional updates with the intention to limit impact.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

Hide Adverts


×
×
  • Create New...