Vulnerabilities does not spare acrobat too » Computer internet security  
Computer and internet security news
computer and networking security portal
 
|
|
|
News
|
Advertise
|
|
Products
|
Contact

Vulnerabilities does not spare acrobat too



Sunday, March 23, 2008, 23:51
This news item was posted in News category and has 0 Comments so far.

Three vulnerabilities pose a risk to users of version 6.0.0 to 6.0.2 of Adobe’s products. First, there’s a vulnerability in the handling of Flash files embedded in PDF documents that can be exploited to read files on user’s systems. Adobe has also acknowledged multiple flaws in a software library called ‘libpng’. Lastly a format string error in an eBook plug-in creates a risk when parsing .etd files that could be exploited to execute arbitrary code. Security firm Secunia describes the flaws as highly critical. Adobe said that an exploit for the flaws is yet to be released. Users are advised to upgrade to the 6.0.3 version of Reader or Acrobat to defend against the flaws.

Critical vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. This issue only affects customers on Windows XP or Windows 2003 with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities. It is recommended that affected users update to Adobe Reader 8.1.1 or Acrobat 8.1.1. This is an update to resolve the issue previously reported in Security Advisory APSA07-04.

Solutions

Adobe strongly recommends upgrading to Adobe Reader 8.1.1 or Acrobat 8.1.1. Users can utilize the product’s automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now.

Alternatively, the Adobe Reader 8.1.1 update files can be manually downloaded and installed from:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
The Acrobat 8.1.1 update files can be downloaded and installed from:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

Adobe will be providing an update to Adobe Reader 7.0.9 and Acrobat 7.0.9 at a later date. For customers who can not upgrade to Adobe Reader 8.1.1 or Acrobat 8.1.1, Microsoft has provided an update to resolve this issue. Please refer to Microsoft Security Bulletin MS07-061 for more information.

Related posts:

  1. Adobe Reader 7.0.9 exe
  2. This security update resolves two privately reported vulnerabilities in Outlook Web Access
  3. Universal XSS through Adobe PDF Plugin
  4. Symantec Breaks Chinese PCs
  5. Microsoft has released an out-of-band patch
  6. New version of Outpost fixes vulnerabilities

Related posts brought to you by Yet Another Related Posts Plugin.





Tagged with: , , ,

You can leave a response, or trackback from your own site.

Leave a Reply

Hackers can attack reliable e-mail too
War between google and cyber criminals




:::: Recent entries


 
Join My Community at MyBloglog!



My BlogCatalog BlogRank

Computers Blogs - Blog Top Sites