Haven't updated your Adobe PDF software lately? Here's 85 new reasons to do it now

Acrobat, Reader get patched up against dozens of new holes


Adobe has posted an update to address 85 CVE-listed security vulnerabilities in Acrobat and Reader for both Windows and macOS.

The PDF apps have received a major update that includes dozens of fixes for flaws that would allow for remote code execution attacks if exploited. Other possible attacks include elevation of privilege flaws and information disclosure vulnerabilities.

Fortunately, Adobe said that none of the bugs was currently being targeted in the wild - yet.

adobe

Whoa, is it Patch Tuesday already? No, just an unexpected critical Photoshop fix

READ MORE

For Mac and Windows Acrobat/Reader DC users, the fixes will be present in versions 2019.008.20071. For those using the older Acrobat and Reader 2017 versions, the fix will be labeled 2017.011.30105.

Because PDF readers have become such a popular target for email and web-based malware attacks, users and admins alike would do well to test and install the updates as soon as possible. Exploit-laden PDFs have for more than a decade proven to be one of the most reliable ways to put malware on someone's machine.

In total, Adobe credited 19 different researchers with discovering and reporting the vulnerabilities. Among the more prolific bug hunters were Omri Herscovici of CheckPoint Software, who was credited for finding and reporting 35 CVE-listed bugs, and Ke Liu and Tencent Security Xuanwu Lab, who was credited with finding 11 of the patched Adobe vulnerabilities. Beihang University's Lin Wang was given credit for nine vulnerabilities.

While we're on the subject of massive security updates, both users and admins will want to mark their calendars for a week from Tuesday. October 9 is slated to be this month's edition of the scheduled 'Patch Tuesday' monthly security update.

In addition to the normally hefty Microsoft load of fixes for vulnerabilities in Windows, Edge, Internet Explorer, and Office, the Patch Tuesday dump also usually includes a number of fixes from Adobe for products like Flash Player. ®

Narrower topics


Other stories you might like

  • Microsoft fixes under-attack Windows zero-day Follina
    Plus: Intel, AMD react to Hertzbleed data-leaking holes in CPUs

    Patch Tuesday Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities.

    Follina, eventually acknowledged by Redmond in a security advisory last month, is the most significant of the bunch as it has already been exploited in the wild.

    Criminals and snoops can abuse the remote code execution (RCE) bug, tracked as CVE-2022-30190, by crafting a file, such as a Word document, so that when opened it calls out to the Microsoft Windows Support Diagnostic Tool, which is then exploited to run malicious code, such spyware and ransomware. Disabling macros in, say, Word won't stop this from happening.

    Continue reading
  • Adobe lowers 2022 forecast, blames Ukraine war, strong dollar
    Extended 'summer season' also at fault, says software slinger as share price slides

    Creative software slinger Adobe booked in double-digit revenues rises in its latest quarter but lowered forecasts due to conflict in Ukraine and and currency challenges. As such, Wall Street frowned and the share price went down.

    The Photoshop maker reported turnover from sales of $4.39 billion for Q2 ended June 3, up 14 percent year-on-year. The vast bulk of this, some $4.07 billion, was subscription-based, something other software vendors must eye with some envy because investors love recurring revenues.

    The Digital Media division, which includes Creative Cloud and Document Cloud products, jumped 15 percent to $3.20 billion, higher than analysts had estimated. The Digital Experience wing was $1.1bn, up 17 per cent, again trumping analysts' projections of $1.08 billion.

    Continue reading
  • Adobe apologizes for repeated outages of its Creative Cloud video collaboration service
    Frame.io admits it was 'slow to scale as demand rose

    Adobe-owned cloudy video workflow outfit Frame.io has apologized and promised to do better after a series of lengthy outages to its service, which became part of Adobe's flagship Creative Cloud in 2021.

    Frame.io bills itself as "The fastest, easiest, and most secure way to automatically get footage from cameras to collaborators – anywhere in the world" because its "Camera to Cloud" approach "eliminates the delay between production and post" by uploading audio and video "from the set to Frame.io between each take." In theory, that means all the creatives involved in filmed projects don't have to wait before getting to work.

    In theory. Customers say that's not the current Frame.io experience. Downdetector's listing for the site records plenty of complaints about outages and tweets like the one below are not hard to find.

    Continue reading
  • Emotet malware gang re-emerges with Chrome-based credit card heistware
    Crimeware groups are re-inventing themselves

    The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.

    Once the data – including the user's name, the card's numbers and expiration information – is exfiltrated, the malware will send it to command-and-control (C2) servers that are different than the one that the card stealer module uses, according to researchers with cybersecurity vendor Proofpoint's Threat Insight team.

    The new card information module is the latest illustration of Emotet's Lazarus-like return. It's been more than a year since Europol and law enforcement from countries including the United States, the UK and Ukraine tore down the Emotet actors' infrastructure in January 2021 and – they hoped – put the malware threat to rest.

    Continue reading
  • HelloXD ransomware bulked up with better encryption, nastier payload
    Russian-based group doubles the extortion by exfiltrating the corporate data before encrypting it.

    Windows and Linux systems are coming under attack by new variants of the HelloXD ransomware that includes stronger encryption, improved obfuscation and an additional payload that enables threat groups to modify compromised systems, exfiltrate files and execute commands.

    The new capabilities make the ransomware, first detected in November 2021 - and the developer behind it even more dangerous - according to researchers with Palo Alto Networks' Unit 42 threat intelligence group. Unit 42 said the HelloXD ransomware family is in its initial stages but it's working to track down the author.

    "While the ransomware functionality is nothing new, during our research, following the lines, we found out the ransomware is most likely developed by a threat actor named x4k," the researchers wrote in a blog post.

    Continue reading
  • Symbiote Linux malware spotted – and infections are 'very hard to detect'
    Performing live forensics on hijacked machine may not turn anything up, warn researchers

    Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.

    Dubbed Symbiote, the badware instead hijacks the environment variable (LD_PRELOAD) the dynamic linker uses to load a shared object library and soon infects every single running process.

    The Intezer/BlackBerry team discovered Symbiote in November 2021, and said it appeared to have been written to target financial institutions in Latin America. Analysis of the Symbiote malware and its behavior suggest it may have been developed in Brazil. 

    Continue reading

Biting the hand that feeds IT © 1998–2022