X
Tech
Home Tech Security

Researchers find hole in Adobe fix

The out-of-cycle Adobe Reader and Acrobat patch released on Tuesday has failed to remedy an issue that could allow an attacker to run malicious code, according to a Vietnamese security company.
Written by Ben Woods, Contributor

The out-of-cycle Adobe Reader and Acrobat patch released on Tuesday has failed to remedy an issue that could allow an attacker to run malicious code, according to a Vietnamese security company.

The version 9.3.3 update for the PDF software products was designed to plug several security problems, including one connected with the Launch dialogue box that could coax a user into opening an embedded executable file. Belgian security researcher Didier Stevens, who reported the issue to Adobe in March, confirmed in a blog post following the release of the patch that the problem was fixed.

However, according to Bach Khoa Internetwork Security centre (Bkis), the update has failed to fully remedy the issue, which Vietnamese antivirus provider said is being used by viruses in attacks. In a post on the Bkis security blog, senior security researcher Le Manh Tung argued that the fix could still be circumvented.

For more on this story, read Researchers find workaround for Adobe PDF fix on ZDNet UK.

Editorial standards
Show Comments

Related

GOTRAX 4 electric scooter

This thumb-sized accessory gave my old PC an instant speed boost

Sony Ult Field 1 orange speaker against skyline

Finally, a portable Bluetooth speaker that sounds incredible but won't break the bank

asus-zenbook-14-main

The work laptop I recommend to most people is not made by Apple or Lenovo