News

• Adobe to patch Reader zero-day bug Thursday

  Adobe said today that it would patch a critical Reader vulnerability on Thursday.

• Don't wait for Adobe sandboxing to secure PDF viewing

  Adobe has revealed that it will strengthen the security controls in the Adobe Reader application by adding sandboxing in the next release. With malicious attacks targeting Adobe products more frequently, it is definitely a move in the right direction, but there are also more secure PDF reader alternatives you can start using today.

• Adobe puts PDF reader in quarantine

  Adobe provides its beleaguered PDF reader with sandbox technology to thwart exploits. "This is coming out in the next major release", reveals Brad Arkin, head of security at Adobe, to Webwereld.

• Adobe fails to fully fix PDF bug

  An Adobe patch for a well-publicized bug in the company's Reader PDF software doesn't fix the vulnerability, the security researcher who uncovered the flaw confirmed.

• Update: Attackers exploit critical bug in Adobe's Flash, Reader

  Adobe late Friday warned that attackers are exploiting a critical vulnerability in the company's most widely-used software: Flash Player and Adobe Reader.

• Adobe considers more frequent patch schedule

  Adobe Systems is considering patching its applications more frequently after moving to a quarterly patching schedule for its Acrobat and Reader programs last year.

• Foxit Reader update blocks new PDF attack tactic

  Foxit Software, the developer of a rival PDF viewer to Adobe's vulnerability-plagued Reader, released an update today that blocks some attacks with a "safe mode" that's switched on by default.

• Major malware campaign abuses unfixed PDF flaw

  Several security companies today warned of a major malware campaign that tries to dupe users into opening rigged PDFs that exploit an unpatched design flaw in the format.

• Patch Tuesday: Microsoft safeguards video, Adobe secures PDFs

  Microsoft and Adobe Tuesday separately delivered a raft of security updates that address vulnerabilities said to impact common user activities such as watching video files or opening PDFs.

• Adobe preps PDF patches for Reader

  Adobe on Thursday will announce the patches it plans to deliver next week for its PDF software, a part of its quarterly security update process.

• Adobe considers changes to mitigate PDF attack

  Adobe Systems is considering modifying its PDF applications to counter a way to run arbitrary code on Windows computers by embedding it in a malicious PDF file.

• Foxit's updated PDF reader remains vulnerable to attack

  Reacting to a demonstration that showed how attackers could force-feed malware to users without exploiting an actual vulnerability, Foxit Software patched its PDF viewer last week.

• Wormy attack could spread via PDF

  Security researcher Jeremy Conway says he has discovered a way to spread malicious code across PDF documents on a victim's computer.

• Malicious PDF file doesn't need a software vulnerability

  A security researcher has found a way to run arbitrary code on Windows computers by embedding it in a malicious PDF file.

• Adobe issues emergency PDF patches

  Adobe today released an emergency update that patched a pair of critical vulnerabilities in its popular PDF viewing and editing software.