November 4th, 2008

Heads up: Patch your Adobe Reader now

Posted by Ryan Naraine @ 9:03 am

Categories: Adobe, Arbitrary Code Execution, Complex Attacks, Data theft, Exploit code, Java, Malware, Passwords, Patch Watch, Pen testing, Research, Responsible disclosure, Vulnerability research

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Vulnerability, JavaScript, Adobe Acrobat Reader, Scripting Languages, Security, Software/Web Development, Web Development

(See important update below for information on patching this vulnerability.)

Heads up for Windows users: There’s a critical, remotely exploitable vulnerability in Adobe Acrobat/Reader version 8.

According to an advisory from Core Security, Adobe Reader suffers from a stack buffer overflow when parsing specially crafted (invalid) PDF files.  The flaw could be exploited if a user is tricked into opening a rigged PDF file, the company warned.

From the alert:

  • The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the “util.printf()” JavaScript function. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader. Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem.
  • A specifically crafted PDF file that embeds JavaScript code to manipulate the program’s memory allocation pattern and trigger the vulnerability can allow an attacker to execute arbitrary code with the privileges of a user running the Adobe Reader application.

Vulnerable versions: Adobe Reader 8.1.2 and Adobe Acrobat 8.1.2.

If, for some reason, you can’t upgrade to the latest version, Core says a possible workaround for this vulnerability is to disable JavaScript in Adobe Reader and Acrobat (in the software’s Edit/Preferences menu). Disabling JavaScript will prevent the issue, although it will also prevent many basic Acrobat and Reader workflows from properly functioning.
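A triage check that follows from the advisory's description, for PDFs that have to be handled before Reader is patched (an added example, not code from Core Security, Adobe or this post): it reports whether a file carries JavaScript and whether that script calls util.printf() with a literal floating point format. The function names and sample bytes are constructed for illustration; a script that builds its format string at run time shows up only as a util.printf() call.

```python
import re
import zlib

NAME_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")           # /J#61vaScript -> /JavaScript
STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.S)
JS_KEYS = re.compile(rb"/(?:JavaScript|JS)(?![A-Za-z0-9])")
PRINTF = re.compile(rb"util\s*\.\s*printf\s*\(\s*(?:([\"'])(.*?)\1)?", re.S)
FLOAT_SPEC = re.compile(rb"%[^%A-Za-z]*f")                # %f, %.2f, %10.3f ...


def decoded_views(data):
    """Yield the file bytes with name escapes undone, then each inflated stream."""
    yield NAME_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)
    for m in STREAM.finditer(data):
        try:
            # decompressobj tolerates the end-of-line bytes that trail the stream data
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue  # not FlateDecode; the raw view above still covers it


def triage_pdf(data):
    """Heuristic findings for one PDF: script present, util.printf use, float spec."""
    found = {"has_javascript": False, "printf_calls": 0, "float_format": False}
    for view in decoded_views(data):
        if JS_KEYS.search(view):
            found["has_javascript"] = True
        for call in PRINTF.finditer(view):
            found["printf_calls"] += 1
            fmt = call.group(2)  # None when the format string is not a literal
            if fmt and FLOAT_SPEC.search(fmt):
                found["float_format"] = True
    return found


# Constructed samples (benign fragments, not taken from the advisory).
_SCRIPT = b'var s = util.printf("%.2f", 1.5);'
SAMPLE_COMPRESSED = (
    b"%PDF-1.4\n1 0 obj\n<< /S /J#61vaScript /JS 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
    + zlib.compress(_SCRIPT) + b"\nendstream\nendobj\n"
)
SAMPLE_INTEGER = b'%PDF-1.4\n1 0 obj\n<< /S /JavaScript /JS (util.printf("%d", 3);) >>\nendobj\n'
SAMPLE_NO_SCRIPT = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"

if __name__ == "__main__":
    for name in ("SAMPLE_COMPRESSED", "SAMPLE_INTEGER", "SAMPLE_NO_SCRIPT"):
        print(name, triage_pdf(globals()[name]))
```

Streams that use filters other than FlateDecode, and encrypted files, are not decoded here, so a clean result does not show that a file is free of script.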

UPDATE:

An Adobe security bulletin regarding the vulnerabilities has been published.  The product updates are available at: http://www.adobe.com/support/downloads/detail.jsp?ftpID=4084 (Windows), http://www.adobe.com/support/downloads/detail.jsp?ftpID=4093 (Mac), http://www.adobe.com/support/downloads/detail.jsp?ftpID=4094 (Linux/Solaris).

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.


An alternative: FoxIt Reader
That is why I use FoxIt Reader. It is fast and lightweight, and satisfies all of my needs.
Posted by: laman Posted on: 11/08/08