Another Adobe zero day strikes

Adobe Acrobat and Reader are affected by the critical vulnerability, as the software maker scrambles to issue a fix.

Adobe Reader

Adobe has been hit by another zero-day vulnerability, which has already been picked up by hackers targeting Windows machines.

The U3D memory flaw affects Adobe Reader X and earlier versions for Windows and Mac, as well as Adobe Reader 9.4.6 and earlier 9.x versions for UNIX. Adobe Acrobat X and earlier versions for Windows and Mac are also affected.

"This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system," the software maker said in a blog post.

"There are reports that the vulnerability is being actively exploited in the wild in limited, targeted attacks against Adobe Reader 9.x on Windows."

Adobe said it is working on a fix, which will be ready "no later than the week of 12 December.

"Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for 10 January 2012," Adobe continued.

"We are planning to address this issue in Adobe Reader and Acrobat X and earlier versions for Macintosh as part of the next quarterly update scheduled for 10 January 2012. An update to address this issue in Adobe Reader 9.x for UNIX is planned for 10 January 2012."

Adobe software has been hit by a plethora of flaws in the past. One of the reasons the late Steve Jobs wished to distance Apple from Flash was because of security issues.

The software developer confirmed last month it was giving up on creating Flash for mobile browsers, punting for HTML5 instead.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Adobe erased users' photos with botched Lightroom update
Software

Adobe erased users' photos with botched Lightroom update

21 Aug 2020
Three ways to protect PDF documents
document management systems (DMS)

Three ways to protect PDF documents

19 Aug 2020

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021