Adobe Reader JBIG2 Critical Vulnerability

If you are new here, you may want to subscribe to our feed.

A ton of people now use Adobe Reader. That’s because of the ease of use in cross platform document exchange. Well, a new zero day has surfaced that makes your reader like a giant hole in a bank. Various sources said that it was being actively exploited. Sure enough, I found source code out there for the exploit being circulated.

The original US-Cert advisory cites a problem with indexing arrays in JBIG2 streams.  Yeah, I know, what the heck does that mean?  Well, the bottom line is that arbitrary code can be run by the exploiter.  What does someone have to do to be exploited?  Well, open a pdf document.  That simple.  So, I would say that you shouldn’t open untrusted pdf docs.  No patch has been issued yet.

As an aside, there are also some nasty Adobe flash player exploits making the rounds.  Some involved code execution when viewing flash movies and some involve privilege escalation.  So, I would say that it’s time for Adobe to roll out a bunch of security updates.

Digg it Add to del.icio.us Stumble it add to technorati


Related Posts:

Adobe Reader/Acrobat Vulnerability
Adobe has announced a vulnerability in their acrobat and reader series. The vulnerability affects: Adobe Acrobat 5.x Adobe Acrobat 6.x Adobe Acrobat...

Extremely Critical Mac OS X _MACOSX Vulnerability
Secunia has issued another very critical security warning. This vulnerability has been confirmed on a fully patched Mac OS X...

The Temp folder is on a drive that is full
Did you get this message when installing Adobe Acrobat 8 Reader on a Vista machine?  Yep, I have talked to...

Word 2000 Extremely Critical Vulnerability
Secunia has issued an extremely critical vulnerability warning for Microsoft Word 2000. The vulnerability is actually a rework of...

Internet Explorer Extremely Critical Vulnerability
vulnerability has been discovered in Internet Explorer which could allow a malicious person to exploit a vulnerability. This...

•