Adobe has at last released patches to Reader and Acrobat that address major security flaws that have been publicly known for months.
First published as a proof-of-concept PDF file by a researcher Didier Stevens, the hack, when combined with social engineering techniques, could easily allow for code to be executed on the target machine when a user simply opens an infected PDF.
Adobe's updates to Reader/Acrobat (to version 9.3.2) includes fixes to over 17 vulnerabilities, the Stevens-exposed exploit among them. The update is being released in advance of Adobe's regular quarterly release schedule (the next update was originally scheduled for July 13), though the next quarterly release will come out on schedule, on Octover 12.
No comments:
Post a Comment