Adobe issues critical fix

Holes patched in Reader and Acrobat

Shaun Nichols in California

vnunet.com, 25 Jun 2008

Adobe has issued fixes for a critical vulnerability being exploited by malware writers.

The flaw affects the firm's Acrobat and Adobe Reader applications on Mac OS and Windows.

Advertisement

Adobe recommends that users of both platforms install the security update immediately.

The vulnerability could allow an attacker to gain control of the user's system by way of malformed JavaScript code.

When exploited, the vulnerability leads to an application crash which leaves the user liable to remote control of the system and code execution from the attacker.

Such remote code execution flaws are a favourite method for covertly installing malware and are often regarded as the highest risks among software vulnerabilities.

This is likely to appear in a malware spreading website near you soon

Jason Lam Sans

Adobe has classified the flaw as 'critical', the highest of its four security alert levels. The company noted that there is a heightened risk as the flaw is already being used by attackers to spread malware in the wild.

Sans security researcher Jason Lam echoed Adobe's sense of urgency, recommending that users install the update as soon as possible.

"This is likely to appear in a malware spreading website near you soon given the track record of the botnet operators," he wrote.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Do you agree?

Have your say on this article

Further reading

Microsoft

Microsoft reissues June security fix

Redmond takes second crack at Bluetooth flaw

Firefox

Bug hunters make short work of Firefox

First vulnerabilities surface for new browser

Current cyber-security defences 'ineffective'

Governments must act now, warns expert

Microsoft posts June security fixes

Seven bulletins for Patch Tuesday

Related whitepapers

Related jobs

Most watched

Summit: Views From the Valley

V3.co.uk's US office weighs in on the information overload crisis

John Chambers speaks on collaboration

Cisco boss talks up new offerings

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

Summit video: Intel discusses processors designed for data overload (part one of two)

Intel explains how its Xeon processors can handle data-intensive apps

fujitsu logo

Unite calls off Fujitsu strike

Talks between the two sides will extend into the new...

Richard Thomas

Summit: Q&A Richard Thomas, former Information Commissioner

Thomas speaks out on government databases and data privacy

Symantec office

Summit: Symantec makes the case for smarter storage

Company talks up unified approach

Primary Navigation