Adobe PDF Reader patched due to critical flaws
Adobe Reader version 9, released in June of this year, is not affected.
The vulnerabilities were identified in Adobe Reader and Acrobat 8.1.2 as well as earlier versions and caused the application to crash as well as potentially allowing an attacker to take control of the affected system.
For the vulnerability to successfully work, a user would need to open the maliciously-crafted PDF file. Attackers would then be free to execute arbitrary code.
Once Core Security made the discovery, it alerted Adobe and the two companies joined forces to create a patch to solve the problem and protect vulnerable users.
He said: "The bug was discovered while investigating a previously disclosed and similar problem in another PDF application, highlighting the manner in which common implementation mistakes are frequently shared among multiple vendors."
It's not the first time Adobe has had security problems in the recent months. In August, Adobe investigated Flash banner ads hijacking users' clipboards, while in October Adobe's website suffered a SQL injection attack.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now