Adobe confirms PDF security hole in Reader

The software maker has acknowledged a security hole that could allow an outsider to run malicious code on a compromised system, but has no timeline for a fix
Written by Ben Woods, Contributor on

Adobe has confirmed the existence of a security flaw in Adobe Reader that could, if exploited, allow an intruder to remotely run malicious code on an affected system.

The integer overflow vulnerability is related to how the PDF-reading software parses fonts, according to Independent Security Evaluators researcher Charlie Miller, who presented a proof-of-concept attack for the flaw at the Black Hat security conference in Las Vegas on 25 July.

Adobe acknowledged on Wednesday that it is working on a patch for the problem, but could not give expected timing for its release.

"We are aware of the vulnerability reported by Charlie Miller at Black Hat," Adobe said. "At this time, we are evaluating whether to distribute a fix for this vulnerability as part of the next quarterly update for Adobe Reader and Acrobat, or as an 'out-of-band' security update. As soon as a determination has been made, we will provide an update."

There are no public reports of the security hole being exploited in the wild.

The flaw is the latest in a long line of vulnerabilities found within Adobe's PDF software. The most recent flaw in Reader was patched on 29 June (bringing the software version up to 9.3.3) but Vietnamese researchers at Bkis found that the patch could be circumvented. Adobe acknowledged the problem, but said that it took advantage of functionality designed to be a part of the PDF, rather than a flaw.

A vulnerability that exploits a PDF's font handling on iPhones and iPod Touches also came to light on Wednesday with the release of a tool designed to jailbreak the devices.

According to ZDNet UK's sister site CNET News, the Apple vulnerability relies on two distinct vulnerabilities and two distinct exploits. One flaw is in the way the browser parses PDF files, enabling the code to get inside a protective sandbox, and the other hole allows code to break out of the sandbox and get root — or control — privileges on the device.

An Apple spokesperson said that the company is aware of the issue and is investigating.
