Adobe issues security update to fix critical vulnerability

adobe_logoOn Tuesday, Adobe Systems has issued a new security update to fix zero-day reader vulnerability in its Adobe Reader 9 and Acrobat 9 because of which an attacker could possess a computer control.

It was nearly two weeks ago when Adobe warned its users against this vulnerability and assured them for a security update by March.

The invaders were taking advantage of a crack on un-patched systems for overwriting memory with some buffer overflow as well as for installing a backdoor to control the system distantly.

According to Adobe, it’s planning to make security updates for its Adobe Reader 7, 8 as well as Acrobat 7, 8 by the end of this month, while for Unix and Adobe Reader 9.1 the announced date is 18th March.

On the other hand, US-CERT says that they are aware of public reports of two new vectors of attack in it’s vulnerability that involves the Windows Indexing Service and for the Windows Explorer Shell Extension.

adobe-issues-security

If a malevolent PDF file is processed by the Windows Indexing Service or there is some malicious PDF file in Windows

Explorer, no or little user interaction can prove effective to exploit that vulnerability. Microsoft also issued updates for different important and critical vulnerabilities in Windows earlier today.

According to some online security experts, Adobe didn’t acknowledge these vulnerabilities earlier and it seemed quite uncommunicative towards this issue from its very beginning. One the other hand, Adobe representative didn’t respond to these comments.

Related Post

  1. Adobe with Download Manager
  2. CNN/YouTube Climate Debate Channel to address your issues
  3. Dell’s INTEGRITY Global Security