toggle

AAPL Stock: 97.03 ( -0.16 )

Printed from http://www.macnn.com

Adobe warns of new Reader, Acrobat vulnerability

updated 10:15 am EST, Wed December 16, 2009

Threat an active one, company says

A "critical" security vulnerability has been discovered in all versions of Reader and Acrobat, says Adobe. While the company is not providing many details, it does note that hackers can use the flaw to force a crash, and potentially assume control of an affected system. Unlike many such vulnerabilities, the new one is described as being present in the wild, and not just theoretical.

Security experts suggest that the exploit is connected to Adobe's handling of JavaScript code, and that the simplest way to block an attack is to disable JavaScript within Reader and Acrobat. The action is in fact recommended as a rule, given that a number of other attacks have also been directed through JavaScript. People can alternately avoid problems by only downloading PDF files from trusted sources.

Macs are said to be immune from takeovers at present, but will still crash when opening a malicious PDF. Windows Vista and 7 can likewise limit damage through Data Execution Prevention.

No immediate patches are expected from Adobe, but the company does say it will have one ready by January 12th at the latest.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. JeffHarris

    Joined: Dec 1969

    +1

    Vulnerability, Schmulnerability...

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

  1. climacs

    Joined: Dec 1969

    +1

    is it just me

    or is Adobe not as on the ball as they used to be?

  1. inspectorgadget

    Joined: Dec 1969

    +1

    Acrobat forums will tell

    For several months, since the 'release' of a patch to update the Mac version of Acrobat Pro to 9.2, many people have had problems applying it. The usual gripes were made to Acrobat, but to this day, there has been no firm fix. For a while a few Adobe techs threw out the standard 'ideas' on how to fix the patch which would lead to fixing the app, but none worked universally. Then all response from Adobe ceased, probably through Nov 09. Then about 2 weeks ago one of the techs responded with an apology and a goodbye message, indicating a purge within Adobe. Currently, a few nubee type techs have appeared, again offering the standard fix advice and requesting log dumps, but still, no fix. Looking at this issue, and other similar problems I've had with a few CS4 products (like PhotoShop), from December back to September or whenever this last patch was issued, comparing to how responsive AND responsible Adobe used to be, I'd say a major shake-up took place recently. So, you're right, Adobe does not seem to be as on the ball as they used to be. Too bad; end-users suffer and so, eventually, will their stock and overall stature.

  1. climacs

    Joined: Dec 1969

    +2

    @inspectorgadget

    well, Adobe better shape up or one day Apple will drink their milkshake too.

  1. wlsbrwn

    Joined: Dec 1969

    0

    comment title

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

    http://www.articlesbase.com/health-articles/idol-tan-review-get-free-trial-now-1851110.html

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

D-Link Wi-Fi Smart Plug

Home automation fans have been getting their fair share of gadgets and accessories in the last few years. Starting with light bulbs, a ...

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

toggle

Most Commented