<br><font size=2 face="sans-serif">This one DOES affect us Mac users! 8-}</font>
<br>
<br><font size=6><b>Adobe issues alert over Acrobat bug</b></font>
<p><font size=3>Matthew Broersma, Techworld.com</font>
<p><font size=3>18/08/2005 07:15:48</font>
<p><font size=3>Acrobat and Acrobat Reader, two of the most widely used
desktop applications, contain serious security flaws that could be used
to take over a system, according to Adobe. </font>
<p><font size=3>The company has urged users to update the software immediately.
</font>
<p><font size=3>Adobe Reader is Adobe's tool for reading PDF files, while
Acrobat can also create PDF files and has other more advanced features.
Affected are Reader and Acrobat versions 5.1, 6.0 to 6.0.3, and 7.0 to
7.0.2. Users can update to versions 5.2, 6.0.4 or 7.0.3 via the software's
built-in automatic update or via a manual download from Adobe's site. </font>
<p><font size=3>The bug is found in a core application plug-in found in
both Acrobat and Reader, according to Adobe, and could be exploited by
tricking the user into opening a malicious PDF file. Because PDFs can be
embedded into Web pages, such an attack wouldn't necessarily require any
user intervention. </font>
<p><font size=3>"If a malicious file were opened it could trigger
a buffer overflow as the file is being loaded into Adobe Acrobat and Adobe
Reader," Adobe said in its advisory. "A buffer overflow can cause
the application to crash and increase the risk of malicious code execution."
</font>
<p><font size=3>US-CERT, the US Computer Emergency Readiness Team, issued
its own advisory on the flaw. FrSIRT, the French Security Incident Response
Team, and independent security firm, Secunia, both assigned the bug highly
critical ratings. </font>
<p><font size=3>Network administrators may not have much leisure to patch
- hackers have recently been taking less time to come up with worms that
exploit known vulnerabilities in widely used software. A bug in Microsoft
Windows Plug n Play, patched last Tuesday, quickly morphed into exploit
code, and then into worms such as Zentob, which on Tuesday successfully
disrupted systems at CNN, The New York Times, ABC and other large organisations
in the US, Germany and Asia. </font>
<p><font size=3>The bug went from disclosure to widespread worm attacks
within a week, one of the fastest-developing security threats so far, security
experts said.</font>
<p><font size=3>*******************</font>
<br>
<br><font size=2 face="sans-serif">The Adobe link to this issue is at:</font>
<br>
<br><font size=2 face="sans-serif">http://www.adobe.com/support/techdocs/321644.html</font>
<br>
<br><font size=2 face="sans-serif">Cheers,</font>
<br>
<br><font size=2 face="sans-serif">Coj</font>