San Jose (CA) - Adobe released a patch for its Acrobat 8 and Reader 8 PDF viewer, addressing a recently discovered security vulnerability that enables attackers to lure users into opening a specifically crafted PDF file, usually sent as an email attachment.
According to Core Security, the problem can cause a stack buffer to overflow when parsing malicious PDF files. The vulnerability found in version 8 of Acrobat enables an attacker to gain access to computer system with the respective rights of the user running Acrobat Reader 8. A successful exploit of the vulnerability requires a user to simply open a malicious PDF.
Adobe quickly fix the problem, which is the only one found in Adobe Reader 8.1.2 and Adobe Acrobat 8.1.2 so far. The application should prompt users to update the application upon startup. The manual update process works through the Help/Check for Updates menu.