Network News

X My Profile
View More Activity

More Adobe Reader Vulnerabilities

Last week, Security Fix warned readers about a newly discovered design flaw in Adobe Reader that could be used to trick users into giving away personal and financial data.

This week, Adobe warned warned that versions 7.0.8 and 7.0.3 of its Reader product are vulnerable to a security hole that criminals could use to break into PCs running the software just by convincing users to view a specially crafted PDF document. Over the weekend, the curators of the Month of Apple Bugs project claimed to have found a dangerous design flaw with the Mac OS X and Windows versions of Adobe Reader.

If you are not running the latest version of Reader Version 8 (to check, look in "Add/Remove Programs list for the version number, or click "Help," and "About Adobe Reader"), please take a minute to upgrade. Alternatively, consider uninstalling Adobe (and its browser plug-ins) and moving to a PDF reader that is faster and has fewer features (i.e. fewer things for the bad guys to attack).

For advice on upgrading or switching to an alternative reader, see the bit at the bottom of this blog post.

By Brian Krebs  |  January 11, 2007; 12:50 PM ET
Categories:  From the Bunker , Latest Warnings , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: A Warning to Windows Users on Acer Laptops
Next: Free Tool Scans Your PC for Missing Patches

Comments

On a side note, NoScript (many times praised on this column for its JavaScript control primary and most known feature), can optionally block also Java, Flash and/or any other plugin (including Acrobat Reader), allowing their execution only from a whitelist of trusted sites. This dramatically reduces the chances for this security hole and, most important, for future yet unknown similar bugs, to be remotely exploited when you just browse a malicious web page.
http://noscript.net

Posted by: Scotty | January 11, 2007 2:12 PM | Report abuse

check out foxit pdf reader. it kicks 4$$

Posted by: idea | January 11, 2007 2:59 PM | Report abuse

Doesn't the newly released Adobe Reader 7.0.9 (yes, nine) update also fix these security issues? I got mine through the Adobe Reader Check for Update function.

Posted by: JohnJ | January 11, 2007 6:07 PM | Report abuse

As I understand it, the Adobe Reader 7.09 addresses the current known vulnerabilities found in earlier version of 7.0x.

Adobe is encouraging folks to go to the 8.0 Reader, but somewhat reluctantly created 7.09 for those folks who "can't go to 8.0".

About 7.09:
http://www.adobe.com/support/security/bulletins/apsb07-01.html

Download Adobe Reader 7.09
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3576

Posted by: Adobe Checker | January 17, 2007 12:33 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company