Add as a preferred source on Google


Adobe To Release Fix for Acrobat Security Hole

  • By Dian Schaffhauser
  • 01/08/10

Adobe will shortly release an update to address a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that was first reported in November.

The security hole is caused by boundary errors in the newplayer() JavaScript method in multimedia.api that can cause a computer to execute arbitrary code when a user opens a modified PDF file. The module, according to Core Security Technologies, runs a malicious Web site and waits for a user to trigger the exploit by connecting to the Web site through the PDF.

Adobe said it had reports that the vulnerability was being actively exploited. The company said updates addressing the problem would be available Jan. 12, 2010.

In other Adobe security news, the company released security patches for Illustrator CS4 and CS3 Thursday. The updates for both Mac OS X and Windows operating systems are designed to address issues that could subject systems to "arbitrary code execution," according to information released by Adobe.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • Graduation cap resting on electronic circuit board

    Preparing Workplace-Ready Graduates in the Age of AI

    Artificial intelligence is transforming workplaces and emerging as an essential tool for employees across industries. The dilemma: Universities must ensure graduates are prepared to use AI in their daily lives without diluting the interpersonal, problem-solving, and decision-making skills that businesses rely on.

  • businessmen shaking hands behind digital technology imagery

    Microsoft, OpenAI Restructure AI Partnership

    Microsoft and OpenAI announced they are redefining their partnership as part of a major recapitalization effort aimed at preparing for the arrival of artificial general intelligence (AGI).

  • hand typing on laptop with security and email icons

    Copilot Gets Expanded Role in Office, Outlook, and Security

    Microsoft has doubled down on its Copilot strategy, announcing new agents and capabilities that bring deeper intelligence and automation to everyday workflows in Microsoft 365.

  • abstract pattern of shapes, arrows and circuit lines

    Internet2 Announces a New President and CEO to Step Up in October

    Internet2, the member-driven nonprofit offering advanced network technology services and cyberinfrastructure to the research and education community has completed its search, which began this past May, for a new president and CEO to take the helm.