Adobe issues patch to block zero-day flaw

Adobe issues patch to block zero-day flaw

Tags:    Acrobat Reader   Adobe   PDF   security patch

By Robert Westervelt, News Editor | Mar 10, 2009

Adobe issued a critical update Tuesday plugging a serious zero-day vulnerability in Acrobat Reader that was being actively exploited by attackers.

Hackers have been spreading malicious PDF files in targeted attacks in an attempt to exploit a processing error in Adobe Acrobat Reader 8 and 9, which results in a buffer overflow. If successfully exploited, the flaw could give attackers access to critical system files.
 
'This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system,' Adobe said in its security bulletin.
 
Adobe Reader 9.1 and Acrobat 9.1 update corrects the JBIG2 stream array indexing error. The image compression format is used to convert binary images. Adobe said it expects to issue updates for Adobe Reader 7 and 8, and Acrobat 7 and 8 by March 18. An update to Adobe Reader 9.1 for Unix will be released by March 25.
 
Symantec said researchers there were given a sample of the threat Feb. 12. Adobe said it had been testing a patch prior to Tuesday's release. It has come under increased pressured by some security researchers for its handling of the zero-day and taking too long to issue an update.
'They just don't appear to have taken it serious enough,' said Andrew Storms, director of security operations at security and compliance auditing vendor nCircle Network Security Inc. 'They need to work better at communicating to their customers.'

Wolfgang Kandek, chief technology officer of patch management vendor Qualys Inc. said Adobe should have issued an update much faster to accommodate its large user base, despite ongoing attacks being limited and targeted.
 
"It makes me wonder whether Adobe has a setup to react to security flaws in an out-of-band manner, rather than through normal product cycles vulnerabilities of such magnitude need to be handled by a dedicated team that has the resources to quick develop and deploy a fix,' Kandek said in a prepared statement.

 

This article originally appeared on SearchSecurity

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
The state of the Internet, Q4, 2011
Geography appears to play a role in frequency of observed attacks on specific ports. For example, Port 23 (Telnet) is a favorite target for attacks observed to be originating from South Korea and Turkey, where it accounted for more than five times the number of attacks targeting the next most popular port (445 in both countries). Other instances of geography-based port targeting include observed attacks centered on Port 1433 (Microsoft SQL Server) in China and on Port 80 (WWW/HTTP) in Indonesia.
 
 
 
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
StubHub: How to spot fraud before it happens
Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat.