Slashdot Mirror


Google Employees Find 60 Security Holes In Adobe Reader

sl4shd0rk writes "Upon examining the PDF Engine behind Google Chrome, Google employees Mateusz Jurczyk and Gynvael Coldwind discovered numerous holes. This led them to also test Adobe Reader, which turned up around 60 holes which could crash the PDF reader, 40 of them being potential attack vectors. The duo notified Adobe, who promised fixes, but as of the latest updates (Tuesday of this week) for Windows and Macintosh, 16 of the reported flaws are still present (the Linux version has been ignored). To prove it, Mateusz and Gynvael obfuscated the info and released it, saying the unpatched holes could easily be found. The Google employees therefore recommend that users refrain from opening any PDF documents from external sources in Adobe Reader."

3 of 164 comments (clear)

  1. Lets get this started... by nighthawk243 · · Score: 3, Funny

    >Adobe in charge of security.

  2. Irresponsible disclosure by Hatta · · Score: 3, Funny

    Google was irresponsible in not publishing these holes immediately so affected users could take steps to mitigate their vulnerability while Adobe put together a patch.

    --
    Give me Classic Slashdot or give me death!
  3. Fucking Slackers! by Anonymous Coward · · Score: 4, Funny

    Those fucking slackers could only find 60 holes in that Swiss cheese? And, they couldn't even bother looking at Flash!

    Oops, I have to go. My PC needs to reboot after the third Flash and Reader update today.