Sponsor for PC Pals Forum

Author Topic: No Acrobat patch for 3 weeks  (Read 1090 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
No Acrobat patch for 3 weeks
« on: February 20, 2009, 17:15 »
A security flaw in Adobe's Acrobat Reader software will not be fixed for three weeks, the company has warned.

Adobe warned that the vulnerability affected Acrobat Reader 9 as well as Acrobat 9 and earlier versions of the software as well.

"Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by 11 March, 2009," Adobe said in a statement.

"Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow," the statement continued.

Security experts warned that the flaw could allow a hacker to take control of your PC.

"The risk is that hackers could deliberately construct a malformed PDF file that would trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer," said Graham Cluley of security firm Sophos.



Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #1 on: February 20, 2009, 17:26 »
To think I used to be an ardent Adobe fan.  :cry:
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: No Acrobat patch for 3 weeks
« Reply #2 on: February 20, 2009, 17:28 »
its bloatwear too!
- sam | @starrydude --

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #3 on: February 20, 2009, 17:30 »
I know. :( When I worked for them, they 'felt' a much better company, they were lean, quick to respond, innovative. Now, they seem to have got bogged down in trying to out Microsoft Microsoft, Sam.  :bawl:
Slainthe!

Rik

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: No Acrobat patch for 3 weeks
« Reply #4 on: February 20, 2009, 18:27 »
So, are PDF files something to be generally wary of?  I wasn't aware that they could harbour viruses.  What if you use something like Foxit to open them?  Would you be more vulnerable in that case?
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #5 on: February 20, 2009, 18:43 »
You're as vulnerable as Foxit, Simon. It's like any piece of code you download, really, it can harbour nasties.
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: No Acrobat patch for 3 weeks
« Reply #6 on: February 21, 2009, 09:53 »
though its easier to hind things in certain types.. and you don't really execute pdfs....
- sam | @starrydude --

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #7 on: February 21, 2009, 11:10 »
Is that true, Sam? They are based on Postscript and, as such, do run code surely?
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: No Acrobat patch for 3 weeks
« Reply #8 on: February 21, 2009, 15:28 »
actually I guess you are right in that sense - I meant its not like you are going to run a pdf like you would some other executable, e.g. if you downloaded a programme of the web then you would expect to install it so when it started running a setup  you wouldn't think anything of it-  if a pdf did, alarm bells should ring.  If that makes sense...
- sam | @starrydude --

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #9 on: February 21, 2009, 15:35 »
It does. What I was thinking, though, was that a suitably crafted PDF could exploit Acrobat without the user knowing a thing about what was happening.
Slainthe!

Rik

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: No Acrobat patch for 3 weeks
« Reply #10 on: February 21, 2009, 16:09 »
Wasn't there a huge spate of spam containing .pdf viruses about a year ago?  :dunno:

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: No Acrobat patch for 3 weeks
« Reply #11 on: February 21, 2009, 16:35 »
It does. What I was thinking, though, was that a suitably crafted PDF could exploit Acrobat without the user knowing a thing about what was happening.

true... though there probably aren't that many pdfs out there that are infected - you still have to get it from a dodgy source.
- sam | @starrydude --

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: No Acrobat patch for 3 weeks
« Reply #12 on: February 21, 2009, 16:37 »
Wasn't there a huge spate of spam containing .pdf viruses about a year ago?  :dunno:

Yes. :(
Slainthe!

Rik


Show unread posts since last visit.
Sponsor for PC Pals Forum