Adobe To Release Fix for Acrobat Security Hole -- THE Journal

Adobe To Release Fix for Acrobat Security Hole

By Dian Schaffhauser
01/08/10

Adobe will shortly release an update to address a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that was first reported in November.

The security hole is caused by boundary errors in the newplayer() JavaScript method in multimedia.api that can cause a computer to execute arbitrary code when a user opens a modified PDF file. The module, according to Core Security Technologies, runs a malicious Web site and waits for a user to trigger the exploit by connecting to the Web site through the PDF.

Adobe said it had reports that the vulnerability was being actively exploited. The company said updates addressing the problem would be available Jan. 12, 2010.

In other Adobe security news, the company released security patches for Illustrator CS4 and CS3 Thursday. The updates for both Mac OS X and Windows operating systems are designed to address issues that could subject systems to "arbitrary code execution," according to information released by Adobe.

About the Author

Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at dian@dischaffhauser.com.

Comments

Add your Comment

Your Name:(optional)

Your Email:(optional)

Your Location:(optional)

Comment:

Please type the letters/numbers you see above

Share this Page

Sponsored Links

THE Journal Digital Edition

January 2012 Issue Available Now

Free Subscription to the Digital Edition

Free Subscription to the Print Publication

Digital Edition archive

Students Explore the Moon in NASA's GRAIL Mission

5 K-12 E-Learning Trends

Digital Learning: What Kids Really Want

Feds Look To Accelerate E-Textbook Adoption with 'Digital Textbook Playbook'

Math and Biology Lessons To Go Massively Multiplayer and Online in MIT Project

Digital Learning: What Kids Really Want

Feds Look To Accelerate E-Textbook Adoption with 'Digital Textbook Playbook'

5 K-12 E-Learning Trends

BYOD Class Takes Their Learning to YouTube

High-Density WiFi: Planning for the Future

White Papers:

Desktop Virtualization in K-12 Schools: Reducing Costs, Saving Time And Delivering Anytime, Anywhere Access for Students and Staff
This paper will show how desktop virtualization can positively position educational institutions for the future, enabling them to reduce expenses through hard dollar savings and time efficiencies while delivering the experience that students, faculty and staff need and desire. Through the experiences of Babylon School District, as well as Manchester Essex Regional School District in Massachusetts and Rockford Public Schools in Michigan, we’ll paint a picture of how desktop virtualization can revolutionize education’s approach to delivering technology — an approach schools can actually afford. Read more...

If you have comments or questions about our print magazine features or stories, please e-mail the editorial staff at editorial@thejournal.com. If you have any comments or questions about content found on this Web site, please e-mail David Nagel at dnagel@1105media.com. If you have any comments or questions about subscriptions, please e-mail THEJournal@1105service.com. Links to additional editorial, sales, and publishing contacts can be found here.
Contact the webmaster: [+] Site Feedback [+]

THE Journal

What is your e-mail address?

Do you have a password?