Home » News » Vulnerabilities » Adobe Reader PDF patches the flaw disclosed at Black Hat

Adobe Reader PDF patches the flaw disclosed at Black Hat

By Gina on August 20, 2010 | Vulnerabilities, Adober Reader PDF, patch, vulnerability, flaw, bug, security bulletin Adobe Reader PDF patches the flaw disclosed at Black Hat

As the hole in an Adobe’s Reader was disclosed at the conference of Black Hat security conference, Adobe patched the flaw at last. Today Adobe released security update to patch the hole.

At July's Black Hat event in Las Vegas, Charlie Miller found out about the vulnerability where he told about how the open-source BitBlaze toolkit could boost bug-hunting productivity. He also added that the bug was in Reader's and Acrobat's font parsing.

An interesting thing happened that Adobe knew about this flaw before Miller disclosed it and in that way Google security engineer Tavis Ormandy was credited for this finding by Adobe not Miller.

In an Adobe’s security bulletin there is classified both Ormandy's bug and another vulnerability patched today as critical. As usuall for Adobe, it reported very poor details about the bug. The second flaw was only described as one that "further mitigate[s] a social engineering attack." Adobe forget to say that it already patched the bug.

More Vulnerabilities news

Denial-of-service flaw is fixed by Oracle

Denial-of-service flaw is fixed by Oracle

Recently, Oracle released a patch which fixed denial-of-service vulnerability in the Oracle WebLogic Server, Application Server and iPlanet Web Server. In a security bulletin Oracle warned that "vulnerability may be remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password." Oracle pointed out that a fix for the same vulnerability in the GlassFish Server was released last month. Read more.


News categories

Latest news

Related news