toggle

AAPL Stock: 423 ( 0 )

http://www.macnn.com/articles/09/12/16/threat.an.active.one.company.says/

Adobe warns of new Reader, Acrobat vulnerability

updated 10:15 am EST, Wed December 16, 2009

 

Threat an active one, company says


A "critical" security vulnerability has been discovered in all versions of Reader and Acrobat, says Adobe. While the company is not providing many details, it does note that hackers can use the flaw to force a crash, and potentially assume control of an affected system. Unlike many such vulnerabilities, the new one is described as being present in the wild, and not just theoretical.

Security experts suggest that the exploit is connected to Adobe's handling of JavaScript code, and that the simplest way to block an attack is to disable JavaScript within Reader and Acrobat. The action is in fact recommended as a rule, given that a number of other attacks have also been directed through JavaScript. People can alternately avoid problems by only downloading PDF files from trusted sources.

Macs are said to be immune from takeovers at present, but will still crash when opening a malicious PDF. Windows Vista and 7 can likewise limit damage through Data Execution Prevention.

No immediate patches are expected from Adobe, but the company does say it will have one ready by January 12th at the latest.


by MacNN Staff

Post tools:

TAGS :

 security, software, Adobe, Acrobat, Reader

Related Articles

Recent Articles

toggle

Comments

  1. JeffHarris

    Fresh-Faced Recruit

    Joined: Oct 1999

    +1
    12/16, 11:01am | report spam | Reply |

    Vulnerability, Schmulnerability...

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

  1. climacs

    Fresh-Faced Recruit

    Joined: Sep 2001

    +1
    12/16, 01:03pm | report spam | (1 reply) Reply |

    is it just me

    or is Adobe not as on the ball as they used to be?

  1. inspectorgadget

    Fresh-Faced Recruit

    Joined: Oct 2002

    +1
    12/16, 01:27pm | report spam | Reply |

    Acrobat forums will tell

    For several months, since the 'release' of a patch to update the Mac version of Acrobat Pro to 9.2, many people have had problems applying it. The usual gripes were made to Acrobat, but to this day, there has been no firm fix. For a while a few Adobe techs threw out the standard 'ideas' on how to fix the patch which would lead to fixing the app, but none worked universally. Then all response from Adobe ceased, probably through Nov 09. Then about 2 weeks ago one of the techs responded with an apology and a goodbye message, indicating a purge within Adobe. Currently, a few nubee type techs have appeared, again offering the standard fix advice and requesting log dumps, but still, no fix. Looking at this issue, and other similar problems I've had with a few CS4 products (like PhotoShop), from December back to September or whenever this last patch was issued, comparing to how responsive AND responsible Adobe used to be, I'd say a major shake-up took place recently. So, you're right, Adobe does not seem to be as on the ball as they used to be. Too bad; end-users suffer and so, eventually, will their stock and overall stature.

  1. climacs

    Fresh-Faced Recruit

    Joined: Sep 2001

    +2
    12/17, 06:58am | report spam | Reply |

    @inspectorgadget

    well, Adobe better shape up or one day Apple will drink their milkshake too.

  1. wlsbrwn

    Banned

    Joined: Feb 2010

    0
    02/12, 02:37am | report spam | Reply |

    comment title

    WHEN is Adobe going to fix the non-working Acrobat Pro PDF print driver problem in Snow Leopard?

    http://www.articlesbase.com/health-articles/idol-tan-review-get-free-trial-now-1851110.html

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Logitech FabricSkin Keyboard Folio for iPad

Since the fourth-generation iPad didn't evolve much over its predecessor, the market for iPad accessories has remained somewhat static ...

Huawei Ascend Mate

The Huawei Ascend Mate is a phone that fits the screen-size gap between the 4 to 5-inch smartphone and the seven-inch or more tablet, ...

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

toggle

Most Commented

 

Popular News