toggle

AAPL Stock: 99.18 ( -1.57 )

Printed from http://www.macnn.com

Adobe warns of new Reader, Acrobat vulnerability

updated 10:15 am EST, Wed December 16, 2009

Threat an active one, company says

A "critical" security vulnerability has been discovered in all versions of Reader and Acrobat, says Adobe. While the company is not providing many details, it does note that hackers can use the flaw to force a crash, and potentially assume control of an affected system. Unlike many such vulnerabilities, the new one is described as being present in the wild, and not just theoretical.

Security experts suggest that the exploit is connected to Adobe's handling of JavaScript code, and that the simplest way to block an attack is to disable JavaScript within Reader and Acrobat. The action is in fact recommended as a rule, given that a number of other attacks have also been directed through JavaScript. People can alternately avoid problems by only downloading PDF files from trusted sources.

Macs are said to be immune from takeovers at present, but will still crash when opening a malicious PDF. Windows Vista and 7 can likewise limit damage through Data Execution Prevention.

No immediate patches are expected from Adobe, but the company does say it will have one ready by January 12th at the latest.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. JeffHarris

    Joined: Dec 1969

    +1

    Vulnerability, Schmulnerability...

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

  1. climacs

    Joined: Dec 1969

    +1

    is it just me

    or is Adobe not as on the ball as they used to be?

  1. inspectorgadget

    Joined: Dec 1969

    +1

    Acrobat forums will tell

    For several months, since the 'release' of a patch to update the Mac version of Acrobat Pro to 9.2, many people have had problems applying it. The usual gripes were made to Acrobat, but to this day, there has been no firm fix. For a while a few Adobe techs threw out the standard 'ideas' on how to fix the patch which would lead to fixing the app, but none worked universally. Then all response from Adobe ceased, probably through Nov 09. Then about 2 weeks ago one of the techs responded with an apology and a goodbye message, indicating a purge within Adobe. Currently, a few nubee type techs have appeared, again offering the standard fix advice and requesting log dumps, but still, no fix. Looking at this issue, and other similar problems I've had with a few CS4 products (like PhotoShop), from December back to September or whenever this last patch was issued, comparing to how responsive AND responsible Adobe used to be, I'd say a major shake-up took place recently. So, you're right, Adobe does not seem to be as on the ball as they used to be. Too bad; end-users suffer and so, eventually, will their stock and overall stature.

  1. climacs

    Joined: Dec 1969

    +2

    @inspectorgadget

    well, Adobe better shape up or one day Apple will drink their milkshake too.

  1. wlsbrwn

    Joined: Dec 1969

    0

    comment title

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

    http://www.articlesbase.com/health-articles/idol-tan-review-get-free-trial-now-1851110.html

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Tylt Energi 2K Travel Charger

Backup batteries and device chargers are objects that many users take for granted. They often only one dimensional, restoring the batt ...

ActvContent Sync Smartband

Smartbands of all sorts are hitting the market. Some build on the buzz around fitness trackers, while others offer simpler features fo ...

RocketStor 6324L Thunderbolt 2 eSATA bridge

Like it or not, the shift to Thunderbolt is underway. The connection is extremely flexible, allowing for video and data to co-habitate ...

toggle

Most Commented