AllThingsD » Foxit http://allthingsd.com Sat, 11 Feb 2012 12:35:04 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://allthingsd.com/theme/images/logo-rss.jpg All Things Digital http://allthingsd.com/ 144 22 Here's a Patch for You, Adobe: \Acrobat\Uninstall.exe http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe/ http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe/#comments Fri, 20 Feb 2009 17:03:56 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=13265 adobe-acrobat-reader-256x256There’s a critical vulnerability in Adobe’s Reader and Acrobat PDF software and at least one zero-day exploit for them in the wild already. Yet Adobe (ADBE) won’t have a fix in place until March 11, and then only for Adobe Reader 9 and Acrobat 9. Patches for earlier versions of the software will arrive sometime after that.

Two and half weeks or longer to wait for a critical patch.

In the meantime, exploits for the flaw will no doubt grow in number and cunning–a nightmare since the PDF format and Adobe’s related apps are so widely used. “Right now we believe these files are only being used in a smaller set of targeted attacks,” security group Shadowserver said in an advisory on the matter. “However, these types of attacks are frequently the most damaging and it is only a matter of time before this exploit ends up in every exploit pack on the Internet.”

Shadowserver recommends disabling Javascript in Acrobat and Reader to limit exposure to such attacks. There are, of course, other solutions as well–Foxit for Windows users, Preview for Mac users, and Xpdf for Linux users.

]]> http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe/feed/ 3 Here's a Patch for You, Adobe: AcrobatUninstall.exe http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe-2/ http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe-2/#comments Fri, 20 Feb 2009 17:03:56 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=13265 adobe-acrobat-reader-256x256There’s a critical vulnerability in Adobe’s Reader and Acrobat PDF software and at least one zero-day exploit for them in the wild already. Yet Adobe (ADBE) won’t have a fix in place until March 11, and then only for Adobe Reader 9 and Acrobat 9. Patches for earlier versions of the software will arrive sometime after that.

Two and half weeks or longer to wait for a critical patch.

In the meantime, exploits for the flaw will no doubt grow in number and cunning–a nightmare since the PDF format and Adobe’s related apps are so widely used. “Right now we believe these files are only being used in a smaller set of targeted attacks,” security group Shadowserver said in an advisory on the matter. “However, these types of attacks are frequently the most damaging and it is only a matter of time before this exploit ends up in every exploit pack on the Internet.”

Shadowserver recommends disabling Javascript in Acrobat and Reader to limit exposure to such attacks. There are, of course, other solutions as well–Foxit for Windows users, Preview for Mac users, and Xpdf for Linux users.

]]> http://allthingsd.com/20090220/heres-a-patch-for-you-adobe-acrobatuninstallexe-2/feed/ 0