Adobe has released a patch for security flaw discovered in their Adobe Acrobat Reader product. The flaw known as a cross-site scripting vulerability allows a link to a PDF to be blended with malicious javascript with the intent to hijack a computer.
Spammers could use this technique to send a specially crafted link to a PDF file that would infect the recipients computer. The flaw affects Acrobat Reader, as well as Acrobat Standard, Professional, and Elements in versions 7.08. Its important to realize the flaw does not affect actual PDF documents themselves but rather the way those documents are linked to and retrieved from the Internet.
How to Fix this Adobe Acrobat Flaw
Users of Adobe Reader and Adobe Acrobat can fix this flaw by updating to Adobe Reader 8.0. For users that cannot upgrade to version 8, they should upgrade to version 7.9 to protect them from this flaw.
For more information on this security issue, and steps to prevent problems, please visit the following page on Adobe's site.
http://www.adobe.com/support/security/bulletins/apsb07-01.html
For website operators, Adobe has also release workarounds to prevent the cross-site scripting vulnerability. You can find more information on these workarounds by visiting the following link.
http://www.adobe.com/support/security/advisories/apsa07-02.html
As an alternative to Adobe Reader, you may want to download the Foxit PDF Reader, a fantastic, fast and free PDF reader program.
Spammers could use this technique to send a specially crafted link to a PDF file that would infect the recipients computer. The flaw affects Acrobat Reader, as well as Acrobat Standard, Professional, and Elements in versions 7.08. Its important to realize the flaw does not affect actual PDF documents themselves but rather the way those documents are linked to and retrieved from the Internet.
How to Fix this Adobe Acrobat Flaw
Users of Adobe Reader and Adobe Acrobat can fix this flaw by updating to Adobe Reader 8.0. For users that cannot upgrade to version 8, they should upgrade to version 7.9 to protect them from this flaw.
For more information on this security issue, and steps to prevent problems, please visit the following page on Adobe's site.
http://www.adobe.com/support/security/bulletins/apsb07-01.html
For website operators, Adobe has also release workarounds to prevent the cross-site scripting vulnerability. You can find more information on these workarounds by visiting the following link.
http://www.adobe.com/support/security/advisories/apsa07-02.html
As an alternative to Adobe Reader, you may want to download the Foxit PDF Reader, a fantastic, fast and free PDF reader program.
No comments:
Post a Comment