There is nothing particularly unusual in Adobe Reader having an unpatched vulnerability. If you use Adobe reader, you’re used to having to wait for Adobe to release another patch to correct another vulnerability.
Once the fix is released you’ll be safe – at least temporarily; but only until the next bug is discovered.
The latest bug in Adobe Reader, CoolType.dll, which was disclosed on September 10, won’t be patched until October 4. In the meantime, if you’re a user of this application, take a look at this YouTube video which illustrates just how easy it could be for a hacker to penetrate your computer system by exploiting this vulnerability.
Click on the graphic to watch the clip.
A big thank you to my Blogging buddy Dan Dieterle over at Cyberarms, for putting me on to this video. Dan has tested this exploit, and confirms that it works.
For additional information, checkout Dan’s article – Adobe Reader PDF 9.3.4 “Cooltype Sing” Zero Day Exploit.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.