Adobe admits PDF exploit, posts workaround

Adobe Systems Inc. has confirmed that there's a critical bug in its most popular programs, but it doesn't yet have a patch that protects Windows XP users against attacks arriving as PDF files. In an advisory posted Friday, Adobe admitted that the flaw first disclosed by Petko Petkov, a U.K.-based security researcher, was real. The San Jose-based company also provided a multiple-step work-around in lieu of a permanent fix to its Adobe Acrobat software and its free Adobe Reader application.

Last month, Petkov claimed in a blog posting that he had found a critical vulnerability that could be leveraged using PDF files, Adobe's popular document format. "Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box," Petkov said Sept. 21 "Completely!!! Invisibly and unwillingly!!! All it takes is to open a PDF document or stumble across a page [that] embeds one." At the time, Petkov declined to provide proof-of-concept code, telling users: "You have to take my word for it." He recommended steering clear of all PDFs until a fix was available.

View: The full story
News source: ComputerWorld

Report a problem with article
Previous Story

McAfee buys into encryption market

Next Story

Disk technology takes Nobel Prize

6 Comments

Commenting is disabled on this article.

Nott complaining, noticing how terrible applications are compared to 3rd party ones of the same type in many situations. A company like Adobe definitely has the ability, time, and funds to fix this issue; and a lot of times you see freeware options address security issues quicker.

And on top of that, foxit is about a zillionth of the size of Adobe Reader! The magnitude of failure when a companys format reader gets spanked by a 3rd party reader for it's own format is beyond measurability!

*hugs Foxit*

There's an addon, or whatever you may want to call it, to make it load more quickly, which is pretty stupid, if you ask me.

Agree *hugs Foxit"

While they're at it, they should fix the stupidly slow loading times and bloatedness of the application.
*hugs foxit*