Information Security News mailing list archives
PDFs open critical hole in Internet Explorer
From: InfoSec News <alerts () infosecnews org>
Date: Mon, 4 Dec 2006 03:28:58 -0600 (CST)
http://www.theregister.co.uk/2006/12/01/adobe_vuln/ By Chris Williams 1st December 2006 A critical vulnerability has been identified in Adobe's Acrobat and Reader software which affects Internet Explorer users. As well as causing crashes, the frailty could allow a botnet to take control of the whole computer when a PDF is opened within Explorer. The hole is present in Acrobat Standard and Professional versions 7.0.0 to 7.0.8, and Adobe Reader 7.0.0 to 7.0.8. Only Microsoft's browser is vulnerable. Adobe's programmers are working on a patch, which should be available on its support site soon. In the meantime, deleting AcroPDF.dll from the will prevent Explorer from opening PDFs in the browser window. Adobe's advisory is here [1]. [1] http://www.adobe.com/support/security/advisories/apsa06-02.html _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
Current thread:
- PDFs open critical hole in Internet Explorer InfoSec News (Dec 04)