Adobe Issues Patches for Two Critical Acrobat and Reader Bugs
The Adobe released security fixes on May 12, 2009 to patch two critical flaws in Adobe Reader which could let attackers install malware remotely on users' PCs via infected PDF files.
The exploitation of flaws could lead to denial-of-service conditions, collapse of a system or the distribution of malware with which someone else's computer could be compromised to steal sensitive information.
The reports state that Adobe in its security advisory issued during April 2009 had cautioned users about the flaw that critically affects Acrobat Reader and Adobe Reader.
Security researchers also state that the proof-of-concept attack code has been developed for both the vulnerabilities. However, according to them, there has been no known attack so far believed to have exploited the flaws. The situation could change if hackers gain an access to the attack code and grab the opportunity when users do not update their computers.
Meanwhile, it is believed that the current Adobe flaw is a much more critical problem compared to Microsoft's recent PowerPoint flaws that were also patched on May 12, 2009.
Related article: Adobe Rates Acrobat Vulnerabilities “Critical”
» SPAMfighter News - 21-05-2009