The third-party patch released yesterday by security firm RamzAfzar was purportedly developed in two hours, and has been released well ahead of the projected October 4th release date for the official Adobe patch.
The Nerdy Details
If you aren’t a security nerd, feel free to skip to the next section. Otherwise, read on!
The vulnerability itself is rooted in the use of an unsafe method for memory manipulation, which RamzAfzar claims to have fixed by replacing the insecure calls with code that prevents an attacker from gaining control of a target computer with the exploit.
While Adobe is correct to warn users that installing an unofficially patched DLL containing program code is a risk in itself, the fact remains that the original bug is both embarrassing and costly, considering it is a well-known attack vector in most software and could have easily been prevented.
The function call at the core of the issue is “strcat”, which copies data from one memory location to another, but doesn’t validate the amount of information to transfer, whereas the revised “strncat” was developed specifically to prevent this sort of vulnerability.
Avoiding the Bug
If you’re using Adobe Reader, there’s not much you can do to avoid the bug until Adobe releases its update. You can, however, install an alternate PDF reader, such as Foxit Reader for Windows, which will help you avoid attacks on Adobe Reader. Mac users can use Preview, the image viewer bundled with Mac OS X. And we’ll let you know about the official Adobe update as soon as it’s released.
[via Threatpost]
More for PCWorld’s GeekTech blog…
- Trojan Monitors Your Porn Surfing Habits, Threatens to Blackmail You
- Another SMS Trojan Appears on Android Phones
- Ika-tako Virus Replaces Your Files With Octopus Photos