Slashdot Mirror
New Adobe PDF Zero-Day Under Attack
Rahmmp writes "Adobe has sounded an alarm for a new zero-day flaw in its PDF Reader/Acrobat software, warning that hackers are actively exploiting the vulnerability in-the-wild. An Adobe spokeswoman described the attacks as 'limited' but warned that that could change with the availability of public samples and exploit code."
Whenever we have a credible PDF exploit story, the slashdot fine summary always links to a reliable PDF document that explains the exploit in detail. Sorry, not buying this one.
Help stamp out iliturcy.
If the exploit affects spelling, you have cause for concern
We invest a TON of $$ and hours into security. In fact, our security team pulls themselves inside out to fix things in a timely manner. Adobe takes security VERY seriously as we have governments all over the world trusting secrets to us. Nevertheless, as hackers focus shifts away from O/S exploits towards application level, there will likely be further attempts to compromise PDF readers. We will be vigilant and we will rise to meet future threats as they happen.
COS based PDF is also incredibly complicated if you adopt the entire ISO 32000 specification and expose the scripting and coding API's developers want. When you can write code to pinpoint the quads and move a point of one UTF 16 character within a book, that is powerful. Enough said on that.
Oh - and we are not lazy as some have suggested. My team pulled a 32 hour session last week.
- the adobe1
I'm pretty sure we have this argument every time someone mentions zero day. If we could have a zero day bricking, we could have the best thread ever.
Meanwhile, how do I know if I'm alreadt pwned?
It's all explained in this FREE guide. Just download our convenient PDF for more information.
Only on slashdot ?
New things are always on the horizon
You start slurring your y's.
The link seems to be broken.
I've had enough abrasive sigs. Kittens are cute and fuzzy.