Andre Yoskowitz
12 Sep 2010 20:09
Adobe has warned this week that a new security flaw in Reader and Acrobat is now being exploited, allowing for hackers to take over victim's systems.
The company says the vulnerability can "cause a crash and potentially allow an attacker to take control of the affected system."
Affected softwares are Adobe Reader 9.3.4 and earlier for Windows and Mac, and Acrobat versions 9.3.4 and earlier for both operating systems.
While Adobe would not give technical details on the flaw, security firm Secunia said it was caused by a "boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow by ... tricking a user into opening a specially crafted PDF file."
Adobe says they are working with the security community to work on a patch.