Researcher posts homemade patch for critical PDF bug
Beats Adobe to the patch punch by more than two weeks
A security researcher has published a home-brewed patch for a critical Adobe Reader vulnerability that hackers are exploiting in the wild using malicious PDF files, beating Adobe Systems Inc. to the punch by more than two weeks.
Lurene Grenier, a vulnerability researcher at intrusion-prevention vendor Sourcefire Inc., posted the patch Sunday with the caveats that it applies only to the Windows version of Adobe Reader 9.0 and comes with no guarantees.
"The patch is just a replacement .dll -- AcroRd32.dll to be precise," said Grenier in a post to the Sourcefire vulnerability research blog. The .dll, which weighs in at 19MB, replaces the existing file in the "C:\Program Files\Adobe\Reader 9.0\Reader\" directory on Windows machines.
"No warranty expressed or implied, etc. etc.," concluded Grenier.
Although hackers have been exploiting the flaw in Adobe Reader since at least Feb. 12 -- the date that Symantec Corp. researchers first found the attack code in the wild -- Adobe said last week that it may not patch the problem until March 11.
In a security advisory the company issued last Thursday, Adobe confirmed that Versions 7, 8 and 9 of both Reader and Adobe Acrobat, an advanced PDF-creation application, contain the flaw. It plans to patch Versions 7 and 8 at an unspecified date after it fixes Version 9 next month.
It's rare that a patch surfaces from a source other than the software's maker, but Grenier's move isn't without precedent. In 2006, and then again the following year, a group of security researchers who called themselves ZERT (Zeroday Emergency Response Team), issued several unauthorized patches for bugs in Microsoft Corp.'s Windows and Internet Explorer.
In other news, exploit code for the Adobe bug has gone public, hitting the Milw0rm.com site earlier today. Last week, security experts speculated that attack code would quickly end up in the multiexploit kits that hackers now favor.
Grenier's patch can be downloaded via a link from the Sourcefire site.
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!