Adobe releases security patches for Acrobat and Reader

January 11, 2007 by techbuzz | 1 Comment
Filed Under Announcements, Software

Finally, to overcome the cross-site scripting flaw, Inc. has come-up with security updates in versions 7.0.8 and earlier of its Adobe Reader and Acrobat software. The Reader flaw rated as “highly critical” could allow remote attackers to inject arbitrary JavaScript into a browser session. Security Bulletin disclosed that the risky holes allow an attacker to remotely commandeer a computer via a malicious link that targets PDF files on vulnerable computers. This would enable the hijacker to read and delete files and forward information from the compromised computer.

has been working to address the problem, since researchers Stefano Di Paola and Giorgio Fedon drew attention to the flaw in a paper presented by them at conference in Berlin in the last part of December. To address these concerns, Adobe Systems Inc. has recommended its Adobe Reader and Acrobat users to upgrade to version 8. However, those unwilling to upgrade or those whose system does not support version 8, can install 7.0.9. If this recommendation is followed, their computers will be safe from any attacks. Usually, for fixing such loop-holes companies provide a security patch which is much easier and quicker a process, however, Adobe has preferred not to go for any patches in this case.

adobe acrobat

These updates would function in the following Operating Systems: AIX, HPUX, , , Solaris, , Windows NT, Windows Server 2003, . In this connection Adobe Systems Inc. has also released a bulletin, wherein detailed description was provided for taking both the actions. This is the first set of security patches released by Adobe to address the cross-site scripting vulnerability.

Trackbacks/Pings (Trackback URL)



1 Comment so far

  1. Stephen John on January 30, 2007 02:22

    need security patch

Name (required)

Email (will not be publihed) (required)


Speak your mind