Adobe Confirms PDF Information Leakage Flaw, Promises Fix 5/14

rated by 0 users
This post has 1 Reply | 0 Followers

Top 10 Contributor
Posts 26,721
Points 1,208,725
Joined: Sep 2007
News Posted: Mon, May 6 2013 2:31 PM
Adobe is getting the word out that a flaw related to its Acrobat and Reader software can cause some data leakage from PDFs. The company’s Product Security Incident Response Team (PSIRT) noted the issue on its blog and promised to solve the problem with the next security update to Adobe Reader and Acrobat, which is slated for May 14th.

Adobe's California Offices
Adobe's headquarters in San Jose, Calif. Image credit: Adobe

Adobe views the data leakage issue to be a “low severity” problem, as the only information that ends up being exposed is the users IP address and timestamp. The problem only occurs when a “specially crafted PDF” is opened, according to Adobe. Security firm McAfee Labs, which recently reported on the issue, says that hackers could use the flaw to track PDFs to see where they’re opened (based on the IP address) and when they’re opened. There is some evidence that hackers are using the flaw, but because little damage can be done with it, the problem doesn’t seem to warrant an emergency fix.
  • | Post Points: 20
Top 150 Contributor
Posts 619
Points 5,260
Joined: Dec 2011

Why do people use Adobe for PDFs? Seriously.

  • | Post Points: 5
Page 1 of 1 (2 items) | RSS