Article

Adobe warns of critical zero-day flaw in Reader, Acrobat

SearchSecurity.com Staff

Adobe Systems Inc. on Wednesday warned of a critical zero-day flaw in its Reader and Acrobat software that could allow an attacker to take over a system.

The vulnerability is reportedly being actively exploited in the wild, Adobe said in its brief security advisory.

    Requires Free Membership to View

There is no patch yet available for the flaw.

The flaw exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh, according to Adobe.

Adobe said it is in "the process of evaluating the schedule for an update to resolve this vulnerability."

In a blog post Wednesday afternoon, McAfee researchers reported seeing a zero-day vulnerability in the wild that affects the latest version of Adobe Reader. "This zero-day vulnerability is a typical stack buffer overflow vulnerability and exploitation of this issue is expected to be relatively easy," they wrote.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: