The Official Web Site of
Jonas Maxwell
Current Las Vegas Time:
Supporting the God-given freedom America's Founding Fathers fought and died for!
 
Adobe Warns: New Exploit Poisons PDFs, Dangerous
print this page email this page to a friend

Adobe Warns: New Exploit Poisons PDFs, Dangerous

Categories: Science

by Brandon Dimmel on 20100913 @ 11:22AM EST

Security researchers have discovered a new PDF (portable document format) exploit in Adobe Reader and Acrobat they think could allow a hacker to remotely take over a system. In fact, the threat is so serious at least one expert has called the vulnerability "scary."

Adobe has acknowledged the flaw exists and could soon be exploited. In a statement, the company noted that the hole could be used to "cause a crash and potentially allow an attacker to take control of the affected system." (Source: http://www.adobe.com/support/security/advisories/apsa10-02.html)

Hackers Trick Users Into Opening Infected PDF

Mac, Unix and Windows users are all affected by a bug that has targeted Adobe Reader 9.3.4 and Adobe Acrobat 9.3.4. It's suspected that most earlier versions of these two programs are also vulnerable.

While Adobe did admit the problem existed, the company stopped short of providing details about the exploit.

Instead, a much better description is coming from security company Secunia, which recently noted that the issue is related to "a boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow by... tricking a user into opening a specially crafted PDF file." (Source: http://www.eweek.com/c/a/Security/New-Adobe-Reader-Acrobat-Security-Bug-Under-Attack-278367/)

Most troubling: not even security experts know of a way to help users affected by the flaw. "Unfortunately, there are no mitigations we can offer," Secunia told tech blog, eWEEK. (Source: http://www.computerworld.com/s/article/9184700/newest_adobe_zero_day_pdf_exploit_scary_says_researcher)

Users Advised to be Vigilant with Emails and Files

The best advice available right now: don't open emails or files sent by strangers, and always keep your anti-virus software and operating system up to date.

"Adobe is actively sharing information about this vulnerability (and vulnerabilities in general) with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available," said a Secunia representative. (Source: http://www.zdnet.com/blog/security/new-adobe-pdf-zero-day-under-attack/7283)

Adobe hasn't yet announced when a patch targeting this issue will become available.

SOURCE: http://www.infopackets.com/news/security/2010/20100913_adobe_warns_new_exploit_poisons_pdfs_dangerous.htm

 


"If you can't say something nice, let's hear it!"   — Joan Rivers

You got something to say about Adobe Warns: New Exploit Poisons PDFs, Dangerous?

NOTE: A message sent through this form will not be sent privately to Jonas.  It will be posted on this page for the entire world to see.  Any responses will also be posted on this page, and you will not receive personal responses.  If you would like to send a private message to Jonas, send a message through the contact page.  He can ignore it much faster that way. (Just kidding!)

name
comments

NEXT: Ever Seen a Baby Hedgehog?

(2604)

kiva - loans that change lives
Kiva - loans that change lives
New Pages
Leonid & Friends - Chicago Covers MUSIC Leonid & Friends - Chicago Covers - There are a lot of extremely talented musicians in the world. Still, there are not many that 'blow me away.' Occasionally, I'll hear a band play, and one or two members stand out. Rarely do I hear a complete band that impresses me. When I discover su... more (Updated Mar 2, 2018)

 

home     media     calendar     faqs     contact

© 2010-2013 Jonas Maxwell. All rights reserved.