Over a month after security analyst Petko D. Petkov publicly revealed a zero-day security flaw affecting Adobe's Reader software on Windows XP, Adobe has finally plugged the hole. As Newsfactor reports, Adobe has released updated versions of its Acrobat and Reader applications with fixes. The new Adobe Reader is available here, while an update for Adobe Acrobat 8 is up over on this page.
Adobe owned up to the existence of the security hole, which could be exploited to allow attackers to take over a Windows system via nothing more than a maliciously crafted PDF file, just over two weeks ago. The company then published a workaround that involved editing the Windows registry to update program settings, and it said it would have patches out shortly.
Those patches may be out now, but hackers have already had time to develop malware that exploits the flaw on unpatched systems. NewsFactor says security firm iSight Partners uncovered spam e-mail with attached PDFs that taps the vulnerability to install rootkit files on victims' systems. The malware is installed in the Windows directory as 9129837.exe and new_drv.sys files, and it's reportedly designed to steal financial data from target PCs. Symantec also reports that a trojan known as Pidief.A has been disseminated using the PDF vulnerability. According to NewsFactor, users of Windows XP who also run Internet Explorer 7 are targeted.
|Geil lights up its Evo X ROG-certified RAM||0|
|Google Compute Engine is now powered in part by Pascal||6|
|EVGA slaps 12 GT/s memory on the GTX 1080 Ti FTW3 Elite||11|
|G.Skill unleashes AMD-ready Trident Z RGB kits up to 3200 MT/s||10|
|Asus' ZenFone 4 Pro offers high-end photography and networking||17|
|Radeon 17.9.2 drivers put the pedal to the metal for Project Cars 2||4|
|ROG Strix X299-XE Gaming motherboard is rather groovy||4|
|Miniature Golf Day Shortbread||18|
|GeForce 385.69 drivers are Game Ready for a ton of titles||2|