http://www.theregister.co.uk/2006/12/01/adobe_vuln/ By Chris Williams 1st December 2006 A critical vulnerability has been identified in Adobe's Acrobat and Reader software which affects Internet Explorer users. As well as causing crashes, the frailty could allow a botnet to take control of the whole computer when a PDF is opened within Explorer. The hole is present in Acrobat Standard and Professional versions 7.0.0 to 7.0.8, and Adobe Reader 7.0.0 to 7.0.8. Only Microsoft's browser is vulnerable. Adobe's programmers are working on a patch, which should be available on its support site soon. In the meantime, deleting AcroPDF.dll from the will prevent Explorer from opening PDFs in the browser window. Adobe's advisory is here [1]. [1] http://www.adobe.com/support/security/advisories/apsa06-02.html _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Mon Dec 04 2006 - 01:32:58 PST