Adobe Patches Zero-Day Vulnerability
Much ado has been made of Adobe's critical scripting vulnerability flaw. If you're still using Adobe Reader, you'll be happy to know a patch was released this week that fixes the problem in version 9. Users of versions 7 & 8 are still on schedule to be patched on 3/18.
Much ado has been made of Adobe's critical scripting vulnerability flaw. If you're still using Adobe Reader, you'll be happy to know a patch was released this week that fixes the problem in version 9. Users of versions 7 & 8 are still on schedule to be patched on 3/18.
For those that haven't been following the details of the exploit, the vulnerability is a result of an array indexing error in the processing of JBIG2 streams. Hackers have found a way to corrupt arbitrary memory using the PDF format and take control of compromised systems. The lesson learned here if we didn't know it already, don't take candy, or PDF's from strangers.