Adobe issues patch to block zero-day flaw


Robert Westervelt, News Editor


Adobe issued a critical update Tuesday plugging a serious zero-day vulnerability in Acrobat Reader that was being actively exploited by attackers.

Hackers have been spreading malicious PDF files in targeted attacks in an attempt to exploit a processing error in Adobe Acrobat Reader 8 and 9, which results in a buffer overflow. If successfully exploited, the flaw could give attackers access to critical system files.

Related Adobe news:
Sourcefire issues Adobe zero-day patch to block attacks: "Home brew patch," blocks attempts by hackers to exploit an unpatched buffer overflow vulnerability in Adobe Reader 9.

Attackers target new Adobe zero-day flaw: Attackers are actively targeting a zero-day flaw in Adobe Acrobat Reader software, according to a warning from Symantec.
 
Adobe updates Flash Player to fix clickjacking, buffer overflow flaws: Flaws in Adobe Flash Player could be used by an attacker to gain access to system files and take control of a computer. Adobe recommends updating to the latest version.

"This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system," Adobe said in its security bulletin.

The Adobe Reader 9.1 and Acrobat 9.1 update corrects the JBIG2 stream array indexing error. JBIG2 is an image compression format used to convert binary images. Adobe said it expects to issue updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, by March 18. An update to Adobe Reader 9.1 for Unix will be released by March 25.

Symantec said researchers there were given a sample of the threat Feb. 12. Adobe said it had been testing a patch prior to Tuesday's release. It has come under increased pressure from some security researchers for its handling of the zero-day and for taking too long to issue an update.

"They just don't appear to have taken it serious enough," said Andrew Storms, director of security operations at security and compliance auditing vendor nCircle Network Security Inc. "They need to work better at communicating to their customers."


Wolfgang Kandek, chief technology officer of patch management vendor Qualys Inc., said Adobe should have issued an update much faster to accommodate its large user base, despite ongoing attacks being limited and targeted.

"… it makes me wonder whether Adobe has a setup to react to security flaws in an out-of-band manner, rather than through normal product cycles; vulnerabilities of such magnitude need to be handled by a dedicated team that has the resources to quickly develop and deploy a fix," Kandek said in a prepared statement.