Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • IT Management
    • PC Hardware

    Adobe Advises Users Be Wary of Unofficial Security Patches

    By
    Brian Prince
    -
    September 17, 2010
    Share
    Facebook
    Twitter
    Linkedin

      Adobe Systems is advising users to be cautious before applying an unofficial patch provided by a security company for an zero-day being exploited in the wild.

      Earlier this week, security firm RamzAfzar released an unofficial fix for the flaw, which Adobe has said it plans to patch in the coming weeks. The bug, which affects Adobe Reader and Adobe Acrobat, is due to a boundary error within CoolType.dll when processing the “uniqueName” entry of SING tables in fonts.

      If exploited, the issue–which affects Reader and Acrobat versions 9.3.4 and earlier on Windows and Macs–could allow attackers to hijack a vulnerable system. The bug also affects Reader on Unix as well.

      Adobe first warned the flaw was under attack Sept. 8. Five days later, the company said it would patch the issue with an update during the week of Oct. 4. However, RamzAfzar issued a fix of its own, contending that users need protection until the patch is ready.

      “It’s really long time for customers being vulnerable and navigate Internet with this conditions or opening a single PDF file using Adobe Acrobat reader,” the company said. “So we’ve decided to go on and patch this easy vulnerability and protect at least our customers and all other interested people.”

      The company’s patch alters the insecure strcat call in the CoolType.dll.

      “This call doesn’t check length of src and dest parameter of strcat, so if Embedded Gaiji Font in PDF file includes a SING table with large UniqueName (like 300xA) stack will be destroyed and you’ll be able to execute code with some techniques (like ROP method for bypassing DEP which is already implemented in the sample of this exploit found in the wild),” the company said. “We’ve decided to modify this strcat call and convert it to strncat. Why? Because strncat at least receives the buffer size and how much bytes you want to copy from src to dest.”

      Adobe told eWEEK it has tested the RamzAfzar patch and it appears to work. However, Adobe also advised users that they should keep several things in mind before using an unofficial patch. First, a .DLL file is equivalent to an .EXE, and “users should never install executables from an untrusted publisher on their machine.” Also, users have no assurances subsequent updates will work correctly if unofficially patches are applied, and a change to the DLL might break functionality in the product that could disrupt “critical workflows.”

      RamzAfzar did not respond to an eWEEK request for comment, but on Twitter the company denied that its patch causes Adobe users any problems.

      For user anxious about attacks, Microsoft’s Enhanced Mitigation Experience Toolkit 2.0 offers some protection against attacks in the wild.

      *This story was corrected to change a misspelling in the headline.

      Avatar
      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×