adobe pdf flaw

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

New Adobe PDF flaw under attack; Patch coming Tuesday

Note to all Knuckleheads....The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIXWhy announce at all? Just fix the thingI'm getting really tired of any company that gives the ostensibly obligatory "We're on that!" and then it's some time before the fix comes. These...

Tags: Operating systems, SECURITY, Microsoft Windows, Windows IS, Adobe PDF flaw, flaw, Adobe PDF, operating system, Adobe Systems Inc., attack

Discussion threads 2009-10-09

Additional Resources

News to know: Oracle; Sidekick; Win7 party; Google; Yahoo Hack day

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Jason Hiner: Ellison rips IBM, shows off Sun-Oracle benchmarks, offers $10M prize Scott McNealy names Sun's top 10 tech...

Tags: Google Inc., Larry Dignan, Oracle Corp., Information Technology, Yahoo! Inc., Dana Blankenhorn, Ryan Naraine, Sam Diaz, Microsoft Windows 7, Microsoft Windows, Federal Government, Internet, Strategy, Operating Systems, Software, Government, Management

Blog posts 2009-10-12

New Adobe PDF flaw under attack; Patch coming Tuesday

Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers. by Ryan Naraine

Tags: Adobe PDF, Flaw, Attack, Security, Ryan Naraine

Blog posts 2009-10-09

Adobe 'zero-day' flaw is eight months old

The current zero-day attacks against Adobe Flash Player are not quite zero-day after all.   According to new information, Adobe's security response team knew about the vulnerability since December 31, 2008 see image below but it was misdiagnosed as a "data loss corruption" issue. When word of the...

Tags: Adobe Systems Inc., Flaw, Security, Ryan Naraine

Blog posts 2009-07-24

Adobe Flash zero-day attack underway; Harden PDF Reader immediately

Malicious hackers have found a new vulnerability in Adobe's ever-present Flash software and are using rigged PDF documents to launch exploits against Windows targets. The Adobe Flash Player flaw, which is currently unpatched, affects millions of Windows XP and Windows Vista users.  Adobe has acknowledged a "potential...

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Adobe Acrobat Reader, Exploit, Zero-day Bug, Security, Ryan Naraine

Blog posts 2009-07-22

Adobe ships insecure version of Reader from official site

Adobe ships insecure version of Reader from official siteHonestly, I've had it with AdobePeople complain about microsoft for shipping bloatware but Adobe is the worst one of all. It is ALWAYS the slowest pieces of software on my machine, and I run a rather powered machine. And its constantly full...

Tags: Web browsers, Tools & Techniques, Adobe Systems Inc., insecure version, official site

Discussion threads 2009-07-21

Critical Adobe Shockwave flaw affects millions

Critical Adobe Shockwave flaw affects millionsAnotherIt seems everytime I turn around now Adobe is having a critical flaw in one program or another. If it weren't for PDF files I think even acrobat would be gone.Windows Update...Microsoft should be working with Adobe to get this crap patched via Windows...

Tags: SECURITY, Patches, Adobe Shockwave flaw, Adobe Systems Inc., Adobe Shockwave, Shockwave, flaw

Discussion threads 2009-06-24

E-reader devices: The fun is just starting

E-reader devices: The fun is just startingKindle 3.0 and BeyondGood post, Larry.I agree that we're closer to the beginning of Kindle than the end. I finally looked at one recently and was amazed at how easy it was to navigate. Features such as the dictionary were really intuitive. Still, I...

Tags: E-books, PDF Support, e-Reader, E-reader device, e-book, iRex

Discussion threads 2009-06-02

Adobe: Turn off JavaScript in PDF Reader

In response to confirmed reports of a zero-day vulnerability in its PDF Reader software, Adobe today urged users on all platforms to disable JavaScript as a temporary measure to avoid code execution attacks. In sharp contrast to previous problems in responding to known security issues, the company...

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, JavaScript, Adobe Acrobat Reader, Scripting Languages, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2009-04-28

Foxit PDF Reader being exploited in the wild

Adobe isn't the only PDF software maker facing in-the-wild malware attacks. Just weeks after the availability of patches for critical security flaws in the popular FoxIt Reader, there is word that malicious hackers are already targeting unpatched versions of the software. ...

Tags: Software, Malware, Exploit, Foxit, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Ryan Naraine

Blog posts 2009-03-25

What is security transparency?

Guest editorial by Andrew Storms Transparency is a common theme in politics and Wall Street these days. The 2008 elections, dealings of TARP, financial institutions run a-muck are all places where we hear the word transparency bandied about on a daily basis. While many security professionals speak...

Tags: Information Security, Microsoft Corp., Transparency, Consumer, Security, Ryan Naraine

Blog posts 2009-03-05

Windows 7 - The missing bits

Windows 7 - The missing bitsProbably won't seean ISO mounter as that would offend the DRM community SecuRom et al. /tongue-in-cheekAnd could you imagine the grief MS will get the first time there is a flaw in their password app? As long as this is tied to the...

Tags: Operating systems, Microsoft Windows, Microsoft Corp., 7-zip, Microsoft Windows 7, Adobe PDF

Discussion threads 2009-02-27

Adobe Reader 9 and Acrobat 9 zero day exploited in the wild

Yesterday, Adobe confirmed the existence of a critical vulnerability affecting Adobe Reader and Acrobat versions 9.0 and earlier, originally detected by the Shadowserver Foundation last week. The onging targeted attacks have since been confirmed by both, Symantec and McAfee urging users to disable JavaScript in Adobe Reader...

Tags: Adobe Systems Inc., Adobe Acrobat, Adobe Acrobat Reader, Attack, Security, Dancho Danchev

Blog posts 2009-02-20

Google plugs 'high-risk' holes in Chrome browser

Google has shipped a high-priority Chrome browser patch with fixes for three security vulnerabilities that expose users to cross-site scripting and data theft attacks. Google Chrome's beta and stable channels have been updated to version 1.0.154.46 to mitigate an issue with the Adobe Reader plug-in (two separate...

Tags: Adobe Systems Inc., Google Inc., Adobe Acrobat Reader, Web Browser, Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2009-01-29

With 256-bit encryption, Acrobat 9 passwords still easy to crack

Following ElcomSoft's claim that despite the 256-bit encryption Acrobat 9 passwords are susceptible to more efficient brute forcing than Acrobat 8 passwords -- a claim that Adobe confirmed citing usability trade-offs and urged users to take advantage of its improved passphrase mechanisms -- ElcomSoft's Dmitry Sklyarov and Vladimir Katalov provide...

Tags: Adobe Systems Inc., Password, Adobe Acrobat, Encryption, Dancho Danchev

Blog posts 2008-12-04

Rigged PDFs exploiting just-patched Adobe Reader flaw

Just three days after Adobe shipped a patch with fixes for a critical Adobe Reader vulnerability, hackers are using booby-trapped PDF files to fire exploits against Windows users. [ SEE: Heads up: Patch your Adobe Reader now ] The in-the-wild attacks, first spotted by...

Tags: Adobe Systems Inc., Adobe PDF, Flaw, Adobe Acrobat Reader, Microsoft Windows, Security, Operating Systems, Software, Ryan Naraine

Blog posts 2008-11-07

Heads up: Patch your Adobe Reader now

See important update below for information on patching this vulnerability. Heads up for Windows users: There's a critical, remotely exploitable vulnerability in Adobe Acrobat/Reader version 8. According to an advisory from Core Security, Adobe Reader suffers from a stack buffer overflow when parsing...

Tags: Adobe Systems Inc., Adobe Acrobat, Vulnerability, JavaScript, Adobe Acrobat Reader, Product Update, Security, Ryan Naraine

Blog posts 2008-11-04

Adobe ships critical PDF Reader, Acrobat patch

Adobe has shipped a critical update to patch a code execution vulnerability affecting multiple versions of its Reader and Acrobat products. According to Adobe's advisory, the flaw "could potentially allow an attacker to take control of the affected system." If you have Adobe...

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Adobe Acrobat Reader, Patches, Security, Ryan Naraine

Blog posts 2008-06-24

Mac OS X Leopard mega-patch plugs 41 security holes

It's Patch Day in the land of Mac OS X Leopard. Apple today shipped Security Update 2008-003 (Mac OS X 10.5.3) with fixes for a wide range of serious vulnerabilities that could put users at risk of information disclosure, denial-of-service and remote code execution attacks. ...

Tags: Apple Macintosh, Apple Mac OS X Leopard, Vulnerability, Apple Inc., Apple Mac OS X, Apple Mac OS, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2008-05-28

Mozilla CEO blasts Apple for distributing Safari 3.1 for Window on its iTunes update site

Mozilla CEO blasts Apple for distributing Safari 3.1 for Window on its iTunes update siteHate to say it...but if you have iTunes you have to have QuickTime, iTunes won't run without it. But you can have QuickTime without iTunes, just make sure you select the right download.And to be fair...

Tags: Digital music, Digital media, window, Firefox beta, Apple Safari, Apple Inc., Apple iTunes, Mozilla Corp., Safari 3.1, Apple QuickTime

Discussion threads 2008-03-21