Adobe Systems released a patch today to plug a security hole affecting Adobe Reader that is on the radar of attackers.
The update actually fixes two vulnerabilities, though only one is known to be under attack. That vulnerability – a flaw affecting Adobe Reader 9.4.1 and earlier 9.x versions for Windows, Unix and Mac OS X – had been targeted by attackers for the past few weeks.
The vulnerability, CVE-2010-3654, could be used to cause a crash and potentially allow an attacker to take control of the affected system, Adobe said in its advisory.
The other issue fixed in the update is a denial-of-service bug. An Adobe spokesperson said the company has not seen any exploit in the wild targeting the bug yet. However, proof of concept code was posted on the Full Disclosure mailing list.
“Adobe recommends users of Adobe Reader 9.4 and earlier versions for Windows and Macintosh update to Adobe Reader 9.4.1, available now,” the company said in the advisory. In addition, “Adobe recommends users of Adobe Reader 9.4 and earlier versions for Unix update to Adobe Reader 9.4.1, expected to be available on November 30, 2010 … [and] users of Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh update to Adobe Acrobat 9.4.1.”
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…
Most people in the United States view TikTok as a Chinese influence tool a poll…
UK regulator confirms it is investigating whether OnlyFans is doing enough to prevent children accessing…
Dismissed staff file complaint with a US labor board, and allege Google unlawfully terminated their…
Elon Musk dismisses two senior Tesla executives, plus the entire division that runs Tesla's Supercharger…