The current adobe pdf plug-in is vulnerable to malicious attack that can compromise my system, how do I upgrade to another version?
A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font.
The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior.
NOTE: The vulnerability is currently being actively exploited.
所有回复 (3)
Adobe is planning to release patches shortly. See Adobe advisory
that helps
There's more on the story @ H-online if you're interested.