SmallBizResource Blog -- Security
Adobe Patches Critical Reader Flaw
Better check which version of Adobe Reader you're running. If, like mine, it's 8.1 or earlier, you might want to think twice before opening a PDF.
According to a security bulletin posted today: "Critical vulnerabilities have been identified in Adobe Reader and Acrobat 8.1.2 and earlier versions. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system."
Behind the scenes, Adobe Reader suffers from a stack buffer overflow when parsing specially crafted (invalid) PDF files. The flaw could be exploited if a user is tricked into opening a rigged PDF file. According to Dark Reading, the flaw was discovered by researchers at Core Security Technologies who were studying another similar flaw in a different PDF view application, Foxit Reader.
OK, enough of the scary stuff. Here's what we need to know so we can fixate on our businesses (not to mention tonight's election coverage) instead of our computers:
- Adobe recommends upgrading to Adobe Reader 9, which was released in June. You can download it from here.
- If you're unable to upgrade to Reader 9, then you should update to Reader 8.1.3. Choose your operating system and you're good to go.
- A third option -- really more of a workaround: Disable JavaScript in Adobe Reader and Acrobat (in the Edit/Preferences menu). Doing so will prevent the issue, although it will also prevent many basic Acrobat and Reader workflows from properly functioning.
This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
| Latest InformationWeek SMB Features for Small Biz |
| Exclusive Research for Small Biz |
Explore the Small Business Resource Blog
Topics
- AMD Sponsored Blog Post
- Business Know-How
- Customer Service
- Economy
- Freelancing
- Government
- Green
- Hardware
- Imaging How-To
- Internet
- Marketing
- Mobility
- Networking & Communications
- Productivity
- Research
- Retail
- Security
- Server How-To
- SmallBizResource
- Software
- Startups
- Storage
- Women in Business
Blog Roll
- All Things Digital
- BizWomen
- bMighty.com
- Business Know-How
- Cool Business Ideas
- Digital Download
- Duct Tape Marketing
- Entrepreneur.com Daily Dose
- The Entrepreneurial Mind
- Escape from Cubicle Nation
- Freelance Switch
- Guy Kawasaki
- InformationWeek
- New York Enterprise Report Blog
- Practically Speaking, The New York Times
- Seth Godin
- Shifting Careers, The New York Times
- Smallbiztechnology.com
- Small Biz Trends
- Tech Crunch
- USA Today Technology Live
Blog Archives
- February 2010
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
| A QUICK UPDATE FOR OUR VISITORS | |
|
