Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

The current adobe pdf plug-in is vulnerable to malicious attack that can compromise my system, how do I upgrade to another version?

  • 3 respostas
  • 4 have this problem
  • 7 views
  • Last reply by Xircal

more options

A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font.

The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior.

NOTE: The vulnerability is currently being actively exploited.

A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font. The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior. NOTE: The vulnerability is currently being actively exploited.

All Replies (3)

more options

Adobe is planning to release patches shortly. See Adobe advisory

more options

that helps

more options

There's more on the story @ H-online if you're interested.