Adobe patches Acrobat, Reader flaws
Read all about it
Posted in Applications, 17th December 2004 11:57 GMT
Watch Now : Virtual Machine Movement with Hyper-V
Adobe has released updates for Acrobat and Reader to fix security bugs that might allow attackers to gain access to unpatched systems. A trio of vulnerabilities pose a risk to users of version 6.0.0 to 6.0.2 of Abode’s products.
First up, there's a vulnerability in the handling of Flash files embedded in PDF documents that can be exploited to read files on user's systems. Adobe has also acknowledged multiple flaws in a software library called 'libpng'. Lastly a format string error in an eBook plug-in creates a risk when parsing ".etd" files that could be exploited to execute arbitrary code.
Security firm Secunia describes the flaws as "highly critical". Adobe said that an exploit for the flaws is yet to be released. But that's no reason for complacency. Users are advised to upgrade to the 6.0.3 version of Reader or Acrobat to defend against the flaws. ®
Related stories
Cracker spills the beans on PDF flaw
Adobe anti-counterfeiting code trips up kosher users
Adobe beta tests Acrobat Reader 7.0

Data control in the cloud
The new Office Garage series:
Enabling efficient data center monitoring
IT infrastructure monitoring strategies