Adobe Finally Fixes Remote Launch 0-Day

Trailrunner7 sends in this excerpt from Threatpost (Adobe announcement here): "Adobe today shipped a critical Reader/Acrobat patch to cover a total of 17 documented vulnerabilities that expose Windows, Mac, and Unix users to malicious hacker attacks. The update, which affects Adobe Reader/Acrobat 9.3.2 and earlier versions, includes a fix for the outstanding PDF '/Launch' functionality social engineering attack vector that was disclosed by researcher Didier Stevens. As previously reported, Didier created a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file." Relatedly, Brian Krebs blogs about the downsides of Adobe's increasingly Byzantine update process.

fp

First pwnst

I don't get it...

Why do people still use pieces of trash like Opera or Firefox or Chrome when Microsoft has shown that IE9 is the most HTML5 compliant browser out there. This paired with IE9's unparalleled record of security means that the only people still using these "alternative browsers" are ideologues or Loonix faggots.

Re:I don't get it...

I am disapproving payment for that post, too trollish and way to obvious.
Three more like that and we will have to review your employment agreement.

Re:I don't get it...

Sorry, Linus. I didn't mean to let down the Linux Foundation.

Thanks for the fix, adobe

[eudaemon]

I appreciate they probably had some QA to do in order to release this puppy and it took a while, but I loaded Evince, un-installed flash and called it a day. If you can't see it on youtube using their HTML 5 beta then that's a real good time to boot up Linux even if it's just in Xen or Oracle/Sun Virtualbox running on Windows. It works just fine for web browsing and less zero day exploits.