Adobe says Acrobat, Reader vulnerable to hacks

  • October 12, 2007
  • 2 minute read
This is a disturbing as most white pages and manuals ranging from automobiles and computer motherboards are in PDF format. Even eBooks could be an easy way for a hacker to gain access to your machine, illegal books put online could be a trap for unsuspecting downloaders. Adobe says Acrobat, Reader vulnerable to hacks – BOSTON (Reuters) – Adobe Systems Inc, whose software is used by millions of people to read documents sent over the Internet, said on Wednesday some of its programs contain yet-to-be-fixed flaws that make computers vulnerable to attack. On October 5, Adobe posted a notice on its Web site that said it had unknowingly incorporated vulnerabilities into versions of Adobe Reader and Acrobat software that could allow malicious programs to get on to a PC without the user’s knowledge.

This is a disturbing as most white pages and manuals ranging from automobiles and computer motherboards are in PDF format. Even eBooks could be an easy way for a hacker to gain access to your machine, illegal books put online could be a trap for unsuspecting downloaders.


Adobe says Acrobat, Reader vulnerable to hacks – BOSTON (Reuters) – Adobe Systems Inc, whose software is used by millions of people to read documents sent over the Internet, said on Wednesday some of its programs contain yet-to-be-fixed flaws that make computers vulnerable to attack.

On October 5, Adobe posted a notice on its Web site that said it had unknowingly incorporated vulnerabilities into versions of Adobe Reader and Acrobat software that could allow malicious programs to get on to a PC without the user’s knowledge.

Such malicious software can take control of a machine and steal confidential data, send out tens of thousands of spam e-mails, or infiltrate government computer systems.

Adobe said it believes the flaws only affect computers running Microsoft Corp’s Windows XP operating system and Internet Explorer 7 Web browser. Adobe said it was working to rectify the problem but the fix might not be available until the end of October.

Some security experts say that may not be soon enough to stop hackers determined to get malicious software past firewalls and other security software programs.

“Users should pressure Adobe to release a patch sooner than that,” said Gadi Evron, a security expert at Beyond Security. He has organized three closed-door international conferences on efforts by governments and private companies to fight computer attacks.

Malicious software is a common problem. Recent examples have corrupted eBay Inc’s Skype Internet telephone service and Time Warner Inc’s AOL instant messaging software. Hackers sometimes hide malicious software inside Microsoft Word documents and photo files, hobbling computers when users open them.

Some security experts said that what makes the Adobe case disturbing is that it came to light before the company had a solution to fix the problem, which means hackers have an opportunity to exploit the

Read the full story at Reuters


Did you like this article?


0 Shares:
Share 0
Tweet 0
Share 0
Share 0
— Previous article

Novell and RedHat Linux vs IP Innovation LLC: Was Ballmer right?

Next article —

NEC's VersaPro VY10A/C-4 laptop lasts 14.5-hours on a single charge

You May Also Like

Sailing To A New Island With The Pirate Bay

  • by
  • October 11, 2007
Just an update from the Pirate Bay in regards to what there current situation is, and a status update on everything that is going on.
Sailing To A New Island With The Pirate Bay - Being in The Pirate Bay team means you have a very busy life. Running the world's largest tracker and dealing with raids and court cases leaves little time for anything else. But as usual, the Pirate Bay guys still make the time to update their fans on their plans to buy an island.
Read More
UUncategorized

Corporate critics feel the stinging lash of DMCA misuse

I use to work for an ISP and was head of the Abuse Department. We only really received legitimate DCMA's that were then handled by legal. We didn't really seem to get that many DMCA notices, maybe its because we're a Canadian organization?
Corporate critics feel the stinging lash of DMCA misuse -

Two recent cases show that companies aren't always fans of criticism, and some will file misguided DMCA notices and defamation cases to scrub it from the Internet.

Read More...

Read More
UUncategorized

Hard times for hard drives: US may ban popular imports

This could be a damaging blow to quite a few companies within the United States. For instance, take a dedicated server hosting company that relies on one of many hardware vendors like Dell or HP (Hewlett-Packard). Its possible that said vendor will have stock pile of hard drives. Put lets put this into perspective. If you read the entire article you will see a similar situation that ended with Broadcom filing a complaint against Qualcomm. The International Trade Commission banned Qualcomm from shipping any new chips and hardware into the United Sates, and any chips that were already being shipped to the United States could continue. The ban lasted for 45 days, until an appeal by Qualcomm was successful and then the ban was lifted.
Read More
UUncategorized

MySQL and OpenSSL Replication what a mess!

Just a heads up, if you do decide to enable OpenSSL so you can do encrypted MySQL replication. There are two bugs that will affect replication and the mysqldump command. They're as follows: Bug #24148 regression tests hang with SSL enabled http://bugs.mysql.com/bug.php?id=24148 http://lists.mysql.com/commits/17286 Bug #27669 mysqldump: Got error: 2026: SSL connection error when trying to connect http://bugs.mysql.com/bug.php?id=27669 http://lists.mysql.com/commits/24329 This may cause lots of problems with MySQL and SSL Replication using OpenSSL. Cheers!
Read More

Plans for Ubuntu 7.10 (Gutsy Gibbon) revealed

  • by
  • June 20, 2007
Another Ubuntu Release in the works!

To give you the rundown on the notable changes. The desktop version will be shipping with a new default windows manager that looks kinda like Mac OSX:



	

		
	

	

		We are aiming for Ubuntu to be one of the first distributions to ship

		the newly merged Compiz and Beryl projects (compcomm/OpenCompositing);

		and enable it as the default window manager on systems with a supported

		combination of hardware and drivers.

		
	

	









http://compiz.org




cube effect peel effect cube effect cube effect





And the addition of AppArmour to the Server version of Ubuntu:






	

		
	

	

		For increased security, the AppArmor security framework will be

		available as an option for those that want it.

		
	

	




The following is the original statement by the Ubuntu Development Manager.




	

		
	

	

		Now that the set of feature goals planned for Ubuntu 7.10 ("Gutsy

		Gibbon") has been largely finalised, it seems like an appropriate point

		to announce the plan to the world.

		While this is based on the approved blueprints for gutsy[0], which are

		expected to be implemented in time, we do release according to a

		time-based schedule[1] rather than a feature-based one.  It is not

		unusual for some planned features to be delayed to later releases;

		happily it is also not unusual for our developers to introduce neat

		features we weren't expecting either.

		[0] https://blueprints.launchpad.net/ubuntu/gutsy/

		[1] https://wiki.ubuntu.com/GutsyReleaseSchedule

		Desktop

		-------

		Ubuntu 7.10 will ship with the latest edition of the GNOME desktop,

		2.20, released a few weeks before our own release.  Kubuntu 7.10 will

		ship with KDE 3.5.7, and should also include packages of KDE 4.0 rc 2

		available for optional side-by-side installation.

		We are aiming for Ubuntu to be one of the first distributions to ship

		the newly merged Compiz and Beryl projects (compcomm/OpenCompositing);

		and enable it as the default window manager on systems with a supported

		combination of hardware and drivers.

		Systems which do not support compositing, or those with it disabled by

		user option, will use the existing metacity window manager.

		Hardware Support

		----------------

		Ubuntu 7.10 will use the 2.6.22 Linux kernel, along with our usual

		selection of updated and additional drivers.

		We will also use Xorg 7.3, giving better graphics hardware support and

		the option of hotplugging monitors (RandR 1.2) and input devices

		(xserver 1.4).

		As well as the easier configuration for hotplugging-supported drivers

		("no xorg.conf"), we also aim to have better configuration for other

		drivers and fallback settings for when there is a problem.

		Some "winmodem" chips will be supported out of the box, where drivers

		are available; though this may rely on the use of restricted drivers.

		Improvements to the Restricted Driver Manager are expected, allowing

		drivers to be disabled by default and proposed by the manager.  As

		previously announced, an edition of Ubuntu without restricted enabled by

		default is in the works.

		Mobile

		------

		As announced, Ubuntu 7.10 will be first release to include a new Mobile

		and Embedded edition targeted at hand-held devices and other

		mobile/embedded form factors.

		This integrates the Hildon UI components developed by Nokia into Ubuntu,

		on top of the existing Ubuntu platform.

		Server

		------

		Development of the Ubuntu 7.10 Server Edition has received a new boost

		with a dedicated development team at Canonical working on it.  Features

		aiming to improve the experience for new and hobbyist administrators are

		expected, as well as features desirable for small businesses and

		organisations.

		For increased security, the AppArmor security framework will be

		available as an option for those that want it.

		Stability and Performance

		-------------------------

		Ubuntu 7.10 should function significantly better when the filesystem is

		full or otherwise not writable, allowing the user to make room and then

		continue working without undue interruption.

		Improvements to our "apport" bug and crash reporting infrastructure are

		planned, in particular integration with our software installation and

		upgrade tools so that problems installing or upgrading packages can be

		easily reported with relevant information attached.  Kernel crashes will

		also be intercepted on reboot, and may be reported using the tool.

		Our efforts to improve boot reliability and performance continue;

		unlimited and reliable stackability of software raid (MD) devices, LVM

		volumes and software-managed (devmapper) devices will be supported with

		no runtime ordering issues.

		Ubuntu 7.10 will ship with Upstart 0.5, which will provide flexible and

		reliable service supervision.  We expect to harness this for suitable

		core services, and some boot process tasks, as appropriate.

		Scott

		-- 

		Scott James Remnant

		Ubuntu Development Manager

		scott at ubuntu.com

		-------------- next part --------------

		A non-text attachment was scrubbed...

		Name: not available

		Type: application/pgp-signature

		Size: 189 bytes

		Desc: This is a digitally signed message part

		Url : https://lists.ubuntu.com/archives/ubuntu-devel-announce/attachments/20070619/d46e34e1/attachment.pgp
Read More