Members
  • Total Members: 12818
  • Latest: martin
Stats
  • Total Posts: 28535
  • Total Topics: 8240
  • Online Today: 980
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Adobe expected to disclose new Reader flaw  (Read 1134 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Adobe expected to disclose new Reader flaw
« on: 05. November 2008., 08:13:08 »


Adobe Tuesday is expected to disclose a security vulnerability in an older version of its Reader document viewing software, according to Core Security. The security vendor discovered a flaw in Adobe Reader 8.1.2 that would allow an attacker to compromise a machine via the malicious use of a PDF.

Ironically, Adobe had urged users back in February to update to this version to avoid vulnerabilities in earlier versions of Reader.   

According to Ivan Arce, CTO at Core Security, the problem can be traced to a vulnerability in the JavaScript engine that allows an attacker to send a PDF with malicious JavaScript embedded in it to wholly compromise any computer using Adobe.

"The end result is if a user opens the PDF file with the malicious JavaScript in it, the attacker will be able to completely compromise the machine," Arce says. "It becomes like a Trojan."

Users can update Adobe Reader 8.1.2 with a patch that Adobe will release Tuesday to prevent this attack. Alternatively, users can upgrade to the current release, Reader 9.0, because the vulnerability hasn't been found in that version. Arce says Core Security discovered the JavaScript vulnerability in May and reported it to Adobe, but the company has taken until now to officially release a patch.

(NetworkWorld)

Samker's Computer Forum - SCforum.info

Adobe expected to disclose new Reader flaw
« on: 05. November 2008., 08:13:08 »




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising