Adobe To Close Acrobat And Reader Holes On May 12


Recommended Posts

Adobe to close Acrobat and Reader holes on May 12

"Adobe plans to release a security update for Adobe Reader and Acrobat on the 12th of May. The update will remove the recently announced critical buffer overflow in the JavaScript function getAnnots(). Attackers could prepare PDF documents which could crash either application and potentially allow them to take control of the affected system. The updates will be available for Windows versions 7.x, 8.x, 9.x and UNIX and Mac versions 8.x and 9.x of Adobe Reader and Acrobat.

The update of the UNIX version will also close a second hole in the JavaScript functionality where the customDictionaryOpen method can be manipulated to cause a denial of service or execute arbitrary code. Until the release of the updates, Adobe recommends disabling the processing of JavaScript in its products by selecting Edit/Preferences/JavaScript and un-checking the "Enable Acrobat JavaScript" option."

Heise security - http://www.h-online.com/security/Adobe-to-...2--/news/113219

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...