Adobe Systems Inc. on Wednesday warned of a critical zero-day flaw in its Reader and Acrobat software that could...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
allow an attacker to take over a system.
The vulnerability is reportedly being actively exploited in the wild, Adobe said in its brief security advisory. There is no patch yet available for the flaw.
The flaw exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh, according to Adobe.
Adobe said it is in "the process of evaluating the schedule for an update to resolve this vulnerability."
In a blog post Wednesday afternoon, McAfee researchers reported seeing a zero-day vulnerability in the wild that affects the latest version of Adobe Reader. "This zero-day vulnerability is a typical stack buffer overflow vulnerability and exploitation of this issue is expected to be relatively easy," they wrote.
Dig Deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)