Quantcast

Adobe Posts Security Fix For Reader, Acrobat

Exploit seen in the wild already

Get the WebProNews Newsletter:


[ Technology]

A code injection vulnerability in Adobe Reader and Acrobat 8.1.2 required a quick fix amid reports of an exploit for it in the wild.

Users of Adobe’s Reader and Acrobat products will want to perform an update or upgrade today, depending on the software version they have in place. A JavaScript vulnerability received a Critical rating from Adobe, meriting immediate attention.

“This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system,” Adobe said in its security bulletin. “This update resolves an input validation issue in a JavaScript method that could potentially lead to remote code execution.”

People on versions up to 8.1.2 of Reader and Acrobat may update their products with a security fix, currently available for download. Adobe recommended users of Acrobat and Reader 7 update those products to version 7.1.0.

SecurityFocus noted the Information Security Team of the Johns Hopkins University Applied Physics Laboratory picked up on the problem with Acrobat and Reader. Vulnerable Adobe products fail to adequately sanitize user input to prevent exploitation.

Such sanitization issues have plagued websites all over the Internet. Their ease of exploitation makes them a favorite avenue of attack for malicious types, a problem exacerbated by failure to detect and update vulnerable products before exploits hit.

Adobe Posts Security Fix For Reader, Acrobat
Top Rated White Papers and Resources
  • http://www.mbridge.com mbridge

    It would be nice for Adobe to explain what the update is before asking a user if they want it or not.  Even Microsoft explains the update in fairly simple terms such as "Security Update for ie7".  This would probably get more people to click "Update" rather than ignoring Adobe altogether.

    www.mbridge.com

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom