Feb7
1:52 am (UTC-7)   |   by Paul Ferguson (Advanced Threats Researcher)

There have been a couple of very important updates to Adobe Reader and QuickTime within the past couple of days.

First, Adobe patched a major vulnerability that could allow code execution in the Adobe Reader, which in turn could lead to the compromise of a PC.

The patch is included in Adobe Reader 8.1.2 update, which apparently fixes at least one known critical issue which could allow malicious .pdf files to be used in code execution attacks.

Secondly, QuickTime 7.4.1 patches a previously discovered vulnerability for a heap buffer overflow condition in QuickTime’s handling of HTTP responses when RTSP (Real Time Streaming Protocol) is enabled, which could lead to malicious code execution.

Advice: Patch now.

One further note: This highlights the fact that it not only your Operating System or Browser that needs to be updated from time-to-time with regards to security vulnerabilities — every piece of “third-party” software installed on your PC will also eventually need to be updated when vulnerabilities are found.

“Fergie”, a.k.a. Paul Ferguson
Internet Security Intelligence
Advanced Threats Research

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Thursday, February 7th, 2008 at 1:52 am and is filed under Security . Responses are closed, but you can trackback from your own site.



Comments are closed.


Looking For Pyrenees Travel Info Unwittingly Leads Users to Malware
Notes On The Importance of Correct Contact Information


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 

 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice