HIGH Risk vulnerability - Adobe Reader

Adobe’s Acrobat/PDF Reader software is vulnerable to a nasty code execution flaw that could expose users to PC takeover attacks.

The newly discovered flaw affects Windows XP SP2 with IE7 and Adobe Reader 8.1, 8.0 and 7. We're awaiting a new service pack from Adobe that patches the problem. Petko D., the hacker who discovered this issue, is very clear about the risk severity:

Adobe Acrobat/Reader PDF documents can be used to compromise your Windows Computer. Invisibly and unwillingly!!! All it takes is to open an Adobe Reader PDF document or come across a page where there is an embedded one. The issue is very critical given the fact that PDF documents are in the core of today’s modern business. This and the fact that it may take a while for Adobe to fix their closed source product, are the reasons why I am not going to publish any POCs. You have to take my word for it. The POCs will be released when an update is available.

Petko D. gave a proof-of-concept exploit that worked as advertised. On a Windows XP box with a fully patched version of Adobe Reader, opening a rigged PDF file launched calc.exe without warning. The exploit did not work during my tests on Windows Vista.