Peaches Posted July 1, 2010 Report Share Posted July 1, 2010 30 June 2010, 11:30Adobe Reader and Acrobat updates close 17 critical holes Adobe has released updates 9.3.3 and 8.2.3 for its Reader and Acrobat products to close 17 holes. The vendor says that all the holes can be exploited to inject and execute code. Simply visiting a specially crafted web page with a vulnerable Reader plug-in is enough for an attack to be successful. Among the holes is the flaw in the authplay.dll library for playing embedded Flash content. After almost three months, Adobe have finally also decided to make it harder for attackers to exploit the /launch function to execute code. The function is part of the PDF specification and can be used for executing embedded scripts and EXE files. Although Adobe Reader asks users to agree to the execution of the file, this dialogue can be designed in such a way that users have no idea they may be allowing an infection into their systems. The vendor previously maintained that the feature is essentially useful and only becomes a problem when misused. http://www.h-online....es-1031142.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.