Adobe releases patches for Acrobat and Reader

Cathleen Moore (InfoWorld)
16 June, 2005 08:17
Comments

Adobe Systems has rolled out patches for security vulnerabilities found in Adobe Reader 7.0 and 7.0.1, and in Adobe Acrobat 7.0 and 7.0.1.

The hole in the products, referred to as an XML External Entity vulnerability, allows XML scripts to be used to discover a user's local files under certain circumstances.

According to Adobe officials, the vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files, according to a security advisory from the company. An attacker could then maliciously use the gathered information. But the statement pointed out that the local files can be found only if the attacker knows the complete file names and paths in advance of such an attack.

The vulnerability impacts Acrobat and Reader running on Windows and Mac platforms.

Adobe recommends that Reader and Acrobat for Windows customers download the updates provided on the Adobe website at adobe.com/support/downloads.

The company said it would release an update for the Mac OS versions shortly. Until the Mac patch is available, Adobe advises end-users to disable any Acrobat JavaScript. This should protect systems from the vulnerability.

Come socialise with us! Facebook | LinkedIn

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: Adobe, Adobe Systems

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Latest Stories

Community Comments

"Yes, I agree the Samsung tablet is a good product with some ..."

REVIEW: Is the Samsung Galaxy Tab 10.1 the new king of Android tablets?
"Has anyone seen the new "Friend Project" social network site? It copies ..."

MySpace: The next hot social network?
"It should read as Australasian owned, not Australian owned."

Datacom joins AFP, Microsoft and ninemsn to support ThinkUKnow
"the new lenovo x130e 's r alright but they blocked eveything '"

Lenovo awarded NSW DET netbook contract
"Have you any idea just about any cheap�discount�hotels in Espoo, Finland?"

Telstra-NBN Co wholesale broadband agreement “imminent”

ARN Directory | Distributors relevant to this article

Express Data , Express Online , Ingram Micro Australia , Scholastic , Topstar Computer International

ARN Directory | Vendors relevant to this article

Adobe Systems

Most Read

Get exclusive access to ARN's news, research and invitation only events.

Latest Jobs

Most Commented

ARN Distributor Directory

Find distributors by name | vendor | location

Channel Deals

Synnex

Lenovo February and March Hot Deal 3

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Featured Whitepapers

Churchtown Primary School UK Primary School Chooses Aerohive's Reliable, Manageable, Scalable and Economical Controller-less Wireless LAN Architecture

Churchtown School, one of the largest primary schools in the UK, was been searching for a new wireless LAN, and Aerohive answered the call. Reliability was a top priority, followed by manageability, performance, and cost, plus the ability to take advantage of the latest technology, including 802.11n. Read the whole story >>>

Most Popular Whitepapers

HiveManager Online: Less Dollars, More Sense

Today’s de facto standard controller-based Wi-Fi infrastructure model is just too complicated, too expensive, and too unreliable. It’s common for enterprise and mid-market network operators alike to get caught in a crossroads of compromises involving costs, complexity, features, and reliability.

Popular tags: Business Management, Security, Storage, Data Centre, Master Data Management

Market Place