Adobe Confirms 0-Day Vulnerability With No Patch
by Wyatt WalterYesterday SecurityFocus posted a piece of code that could exploit the current and a couple of older versions of Adobe Reader. Today, Adobe has acknowledged the 0-day vulnerability and advises users to disable JavaScript in the PDF viewer. The vulnerability exists in the Windows, Mac, and Linux versions of the reader and allows code execution with the privileges of the user running the application. Since the problem lies in Adobe’s implementation of JavaScript, Adobe has recommended disabling JavaScript in the application until a patch has been released.
According to ComputerWorld, some security researchers have gone so far as to tell users to switch PDF viewers. Personally, I don’t have a need for Adobe Reader since OS X has Preview and Ubuntu comes with Document Viewer “out of the box”. If you must continue to use Adobe Reader, the option can be found here once in the Preferences (you access it from multiple places in the menu in each OS, but the window looks the same once in):
- Opera, Google Want More Than Just An Uninstaller for IE If the European Union wasn't heading down a slippery slope,...
- Internet Explorer Will Finally Be Able To Be Uninstalled Evidently a recently leaked build of Windows 7 allows Internet...
- Linux Distros Have Had 'App Stores' For Years It appear that the next company to join the 'App...
- Microsoft Denies Phone, Verizon Confirms Talks with Apple The rumor mill has been turning with rumors that Apple...
- Wordpress Backup Wordpress Backup is an essential plugin for all Wordpress blog...
- Reader Question: FAUX News & Advertising I don't get many reader questions, and when I do...
- Review: Update: Kindle 2 ebook reader UPDATE UPDATE UPDATE NEWS FLASH Amazon is keeping up with...
- Game Preview: Florida Gators vs. Mississippi State Bulldogs Turnovers are Sticking in the Mind of Urban Meyer! With...
Tags: adobe, security
Filed under News :
Comments (0) :
Apr 29th, 2009
Follow whatan00b on Twitter
