Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Zero-day flaw Discovered in Acrobat and Adobe Reader

Adobe has recently issued a security alert about a new zero-day flaw in the famous PDF view Adobe Reader and Acrobat.

As per the warning, the critical vulnerability is present in Adobe Reader 9.3.4 and earlier for Windows, Macintosh and Unix systems. It is also present in Adobe Acrobat versions 9.3.4 and previous versions of Windows and Macintosh.

The warning also claims that this vulnerability could result in a crash and potentiality enable a hacker to control the affected system.

Security firm Secunia issued an "Extremely Critical" advisory. The firm described the flaw as presently in the wild and exploited by malware Adobe Reader, as per the news by pcr-online.biz on September 9, 2010.

Adobe did not reveal technical details about the flaw, but the advisory released by Secunia stated that the issue emanated due to "a boundary error within the font parsing in CoolType.dll. The flaw could be exploited to launch stack-based buffer overflow attacks by deceiving users into viewing a specially designed PDF file, as per the reports by eweek.com on September 8, 2010.

The security experts opined that the vulnerability is the newest in a string of exploits from malware creators which usually exploit the face that Adobe Reader is often installed on systems as a browser plug-in which provides a route to circumvent browser security measures.

Adobe authorities have not given any timeline for when a patch would be available, but assured that the firm would continue to provide users with updated details.

As per Adobe, they have been working to improve the security of its applications after coming under sustained attack from malware authors. Adobe is vigorously exchanging information about this flaw and other vulnerabilities with partners in the security community so that they quickly develop detection and quarantine methods to safeguard users until a patch is available.

Adobe has advised users to lay emphasis on security best practices by using updated anti-malware software. The users are also recommended not to open unfamiliar files.

Related article: Zero-day Flaw in Internet Explorer Revealed

ยป SPAMfighter News - 17-09-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next