Researcher posts homemade patch for critical PDF bug
Beats Adobe to the patch punch by more than two weeks
A security researcher has published a home-brewed patch for a critical Adobe Reader vulnerability that hackers are exploiting in the wild using malicious PDF files, beating Adobe Systems Inc. to the punch by more than two weeks.
Lurene Grenier, a vulnerability researcher at intrusion-prevention vendor Sourcefire Inc., posted the patch Sunday with the caveats that it applies only to the Windows version of Adobe Reader 9.0 and comes with no guarantees.
"The patch is just a replacement .dll -- AcroRd32.dll to be precise," said Grenier in a post to the Sourcefire vulnerability research blog. The .dll, which weighs in at 19MB, replaces the existing file in the "C:\Program Files\Adobe\Reader 9.0\Reader\" directory on Windows machines.
"No warranty expressed or implied, etc. etc.," concluded Grenier.
Although hackers have been exploiting the flaw in Adobe Reader since at least Feb. 12 -- the date that Symantec Corp. researchers first found the attack code in the wild -- Adobe said last week that it may not patch the problem until March 11.
In a security advisory the company issued last Thursday, Adobe confirmed that Versions 7, 8 and 9 of both Reader and Adobe Acrobat, an advanced PDF-creation application, contain the flaw. It plans to patch Versions 7 and 8 at an unspecified date after it fixes Version 9 next month.
It's rare that a patch surfaces from a source other than the software's maker, but Grenier's move isn't without precedent. In 2006, and then again the following year, a group of security researchers who called themselves ZERT (Zeroday Emergency Response Team), issued several unauthorized patches for bugs in Microsoft Corp.'s Windows and Internet Explorer.
In other news, exploit code for the Adobe bug has gone public, hitting the Milw0rm.com site earlier today. Last week, security experts speculated that attack code would quickly end up in the multiexploit kits that hackers now favor.
Grenier's patch can be downloaded via a link from the Sourcefire site.
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!