The Channel logo

News

By | John Leyden 24th June 2008 11:10

Adobe update foils Reader and Acrobat exploits

Bugs provoke PDF botnet risk warning

Adobe pushed out an update to its Reader and Acrobat packages on Monday to close a pair of critical flaws in the popular packages.

Patches to version 8.1.2 of each application resolves vulnerabilities which create a means for miscreants to drop malware onto vulnerable systems. Users of earlier versions of the software (Adobe Reader 7.1.0 and Acrobat 7.1.0) are not at risk from the bug. Version 9 of each package - due to appear next month - are also safe, Adobe reports.

The software developer credits boffins at the Johns Hopkins University Applied Physics Laboratory for discovering the flaw. Adobe's description of the bugs explains their impact but fails to reveal much about the source of the problem.

"A critical vulnerability has been identified in Adobe Reader and Acrobat 8.1.2 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system," it said.

The SANS Institute's Internet Storm Center warns that the vulnerability might lend itself to botnet exploitation. It advises users to update their systems sooner rather than later. ®

comment icon Read 8 comments on this article alert Send corrections

Opinion

Windows 10 on Surface 3

Tim Anderson

It's do-or-die for Microsoft's new operating system on 29 July
Wine Taps by N Wong, Flickr, CC 2.0 License

Simon Sharwood

Clouds sell compute by the glass. On-premises kitmakers want to sell wine-as-a-service

Greg Knieriemen

Privacy, security, information sovereignty, what we all want, right?
Microsoft's Joe Belfiore, speaking at Build 2015

Andrew Orlowski

Redmond devotees may as well have demanded manga desktop wallpaper

Features

Android icon desktop toys
Nice devices, now speak 'enterprise' to me
Standard Form 86 reads like a biography of each intelligence worker
Protestor barricade image via Shutterstock
Breaking through the hardware barricades to a new network state
Racecar