February 20, 2013

Adobe patches against PDF exploits that overran sandbox

Adobe on Wednesday made available a security update to its Reader and Acrobat software to close two vulnerabilities that are under active attack.

The update for Windows, Mac and Linux users comes about a week after researchers at security firm FireEye revealed that saboteurs were spreading targeted exploits to take advantage of an unpatched flaw in Reader 9.5.3, 10.1.5 and 11.0.1. Shortly after, Adobe confirmed that its software was susceptible to two bugs: CVE-2013-0640 and CVE-2013-0641.

Attacks against the flaws appeared able to bypass sandbox protection that Adobe had put in place.

Users can automatically update their software, and additional patching details are available in a security bulletin from Adobe here.

Related Articles
Related Topics

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.