Adobe To Release Fix for Acrobat Security Hole

  • By Dian Schaffhauser
  • 01/08/10

Adobe will shortly release an update to address a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that was first reported in November.

The security hole is caused by boundary errors in the newplayer() JavaScript method in multimedia.api that can cause a computer to execute arbitrary code when a user opens a modified PDF file. The module, according to Core Security Technologies, runs a malicious Web site and waits for a user to trigger the exploit by connecting to the Web site through the PDF.

Adobe said it had reports that the vulnerability was being actively exploited. The company said updates addressing the problem would be available Jan. 12, 2010.

In other Adobe security news, the company released security patches for Illustrator CS4 and CS3 Thursday. The updates for both Mac OS X and Windows operating systems are designed to address issues that could subject systems to "arbitrary code execution," according to information released by Adobe.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • college student sitting at a laptop writing a college essay

    How Can Schools Manage AI in Admissions?

    Many questions remain around the role of artificial intelligence in admissions as schools navigate the balance between innovation and integrity.  

  • a hobbyist in casual clothes holds a hammer and a toolbox, building a DIY structure that symbolizes an AI model

    Ditch the DIY Approach to AI on Campus

    Institutions that do not adopt AI will quickly fall behind. The question is, how can colleges and universities do this systematically, securely, cost-effectively, and efficiently?

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • laptop screen showing Coursera course

    Coursera Introduces New Gen AI Skills Training and Credentials

    Learning platform Coursera is expanding its Generative AI Academy training portfolio with an offering for teams, as well as adding new generative AI courses, specializations, and certificates.