Adobe plans to release an emergency update patching a critical vulnerability in its ubiquitous Reader application that was disclosed at last week's Black Hat security conference in Las Vegas. The fix will be made available during the week of August 16 for Windows, Mac OS X, and Unix versions of Adobe Reader 9.3.3, company …
Is this related to the iOS4 jailbreak flaws?
And is it possible the daily continued heavy beatings from Apple are finally having an effect?
"By default, there's no separate PDF viewer on an iPhone. Instead, PDF viewing is built into the Safari browser," Hypponen told El Reg. "The attack uses a corrupted font placed inside a PDF file to crash the Compact Font Format (CFF) handler."
"This is not an Adobe bug. It's an Apple bug," he added.
In a word: No
Anonymous Coward, the critical PDF vulnerability in the iPhone is of Apple's making, since it resides in PDF viewing software in Mobile Safari. The iPhone doesn't use Adobe Reader. The bugs are completely unrelated.
Plans? PLANS? This is news?!?
I plan to travel to the land of the rising sun, find the female definition of kawaiï, live happily ever after. Doesn't mean it will happen. Actually, I'm probably more likely to win the lottery. It's nice they're planning to patch a security fail, but isn't this something we ought to really expect from a company that's pushed its wares into the internet mainstream?
Thus, to badly misquote a popular film: Show me the patch.
Say it with me, SHOW ME THE PATCH. SHOW ME THE PAAAAAATCH!
Ubiquitous it certainly isn't. There are platforms which Adobe does not support so they have to rely on !PDF, APDF, XPDF, Ghostscript etc. And of course Mac users have Preview.
Still totally clueless
Are they ever going to understand? It's a fucking READER. If it has any functions that need to run in a sandbox, REMOVE THE BUGGERS.
Surely it'd be more appropriate for Adobe to use a litter tray?
Good idea, until the nasties find a way to get around it.