Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground.
The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they’ve discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because — beginning with Reader X– Adobe introduced a “sandbox” feature aimed at blocking the exploitation of previously unidentified security holes in its software, and so far that protection has held its ground.
Adobe has issued a critical software update for its Flash Player software that fixes at least a dozen security vulnerabilities in the widely-used program. Updates are available for Windows, Mac, Linux, Solaris and Android versions of Flash and Adobe Air.
Adobe shipped updates to its PDF Reader and Acrobat products today to plug a critical security hole that attackers have been exploiting to break into computers. Fixes are available for Mac, Windows and Linux versions of these software titles. The… Read More »
Attackers are exploiting a previously unknown security flaw in Adobe’s ubiquitous Flash Player software to launch targeted attacks, according to several reliable sources. The attacks come less than three weeks after Adobe issued a critical update to fix a different… Read More »