INFO: Adobe Acrobat Reader Potential Exploit

News spreading around that there exist a zero-day exploit on the popular PDF application Acrobat Reader abound. This vulnerability is acknowledged by Adobe and their security bulletins and advisories site has it logged. And while a patch has been released by Abode to address the exploit, their download site seems to have lagged from that.

While users may have patched (or the unaware have already been patched by automatic updates), newly installed computers or those that do not have any PDF readers installed are still potentially vulnerable. This is because the binary available for download off Adobe's website is still the unpatched version.


As seen from the screenshot above, the version available for download is 9.1. While the latest updates that patch the zero-day exploit is 9.1.2.

If you do not install Adobe's Acrobat Reader you are in better shape than others. But to the common non-IT people, the default PDF application that installs is Acrobat. And installing the unpatched version poses a threat to the unwilling innocent victim.

So if you happen to have version 9.1 or the older 8.1.4 or 7.1.1 it is time to click that update button and save yourself from the threat.

Having the update/patch available is good. But making the available downloadable binary the patched version is the better scenario. It should not be that hard to do for a company like Adobe.

You might also be interested in:

Feedback

We at pimp-my-rig strive to keep on improving, help us reach that goal by leaving comments or constructive criticisms. Don't miss out on our next feature -- subscribe via RSS (What is RSS?).

Share This

0 comments: