Adobe Patches Zero-Day VulnerabilityMarch 10, 2009 – 5:06 PM
Adobe released a patch today for a zero-day vulnerability under attack by hackers.
The patch, available for version 9 of Adobe Reader and Adobe Acrobat, comes a day earlier than the company’s planned release. Patches for earlier versions of the product are still slated for March 18.
The vulnerability is the result of an array indexing error in the processing of JBIG2 streams. Hackers can exploit the bug to corrupt arbitrary memory using a specially-crafted PDF file. If successful, attackers could gain control of a compromised system.