Adobe warns their Reader 9.4.6 and Acrobat 9.x under attack, security patch arriving soon

Adobe’s 2010 and earlier versions are under controlled and targeted attacks by hackers due to a Common Vulnerabilities and Exposures version CVE-2011-2462. This patch is currently installed in Adobe Reader 9.4.6 and Acrobat 9.x’s Windows-based software.
However, Unix and Linux-based operating systems have not raised any red flags to date.

Adobe Security Chief Brad Arkin announced this week:

“The reason for addressing this issue quickly for Adobe Reader and Acrobat 9.4.6 for Windows is simple: This is the version and platform currently being targeted. All real-world attack activity, both in this instance and historically, is limited to Adobe
Reader on Windows. We have not received any reports to date of malicious PDFs being used to exploit Adobe Reader or Acrobat for Macintosh or UNIX for this CVE (or any other CVE).”

The company is planning on releasing the security patch for the aforesaid versions no later than the December 12 week. The patch will likely lessen the vulnerability of the CVE under attack.

The later versions or the latest versions released by Adobe, Acrobat X and Reader X, are reported as ‘secure’ and no attacks have been reported as of yet. Moreover Arkin also assured that these versions will not be attacked by the hackers because the CVE’s
in these versions are not vulnerable enough to these malware.

Furthermore, Arkin also took the opportunity plead to the customers to upgrade to the latest versions as soon as possible. The security team at Adobe has put in tremendous efforts to keep these versions secure, Arkin said.

The magnitude of these newest threats can be measured from Adobe’s statement. According to their website, the threats can inoculate a serious damage in Windows-based systems and/or hackers can remotely access computers via this vulnerable portal.

“This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe warned.

 The security patch is expected to arrive sooner because of the upcoming holiday season. Arkin beseeched the users to install the security patch as soon as it goes online so that it can secure the systems before they leave for long vacations.

Short URL: https://www.newspakistan.pk/?p=5574

Posted by Usman Khalid on Dec 7 2011. Filed under Sci-Tech. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry