Critical vulnerabilities PDF: Adobe publishes a burst of emergency patches

-

The publisher's PDF readers have 47 security vulnerabilities, 24 of which are considered critical and most of them allow executing arbitrary code on the machine. At least one of these flaws is exploited actively by hackers.

If you use Adobe Acrobat or Reader to read your PDFs, update your software immediately. The publisher has urgently released a flurry of patches to fill 47 flaws, including 24 considered critical. These vulnerabilities affect Acrobat DC software, Acrobat Reader DC, Acrobat 2017 and Acrobat Reader DC 2017, both on Windows and MacOS. Needless to say, this update is ranked at the highest level of priority.

It must be said that there is enough to blight. Among the 24 critical flaws, 22 allow the execution of arbitrary code, so to take control of the computer. As a user, it is usually sufficient to open a trapped PDF to get fooled. One of these vulnerabilities (CVE-2018-4990) is already being actively exploited on the Web, as noted by Eset security researchers. The latter recently got their hands on a trapped PDF that combined two zero-day faults, one in Acrobat and the other in Windows, to be able to execute arbitrary code with administrator privileges on the target machine.

Among the other flaws, one was found by Check Point Software researchers (CVE-2018-4985) who have already released demo code. It is only a matter of time before it is exploited by pirates in real attacks. To update your Adobe software, just go to the "Help" menu and select "Check for updates".

paypal,facebook,yahoo,mail,google,maps,ebay,amazon,barcelone,realmadrid,netflix,craigslist,AliCarter,Liverpool,AlfieEvans,YankeesVsAngels,RonanFarrow,YeVsThePeople,MesotheliomaLawFirm,Donate,CarToCharity,California,Donate,Car,ForTaxCredit,DonateCarsInMa;Insurance,Loans,Mortgage,Attorney,Credit,Lawyer,Donate,Degree,Hosting,Claimcashfear,softwares,money,football,SPORTNEWS,cars,carrental,cellphone,phonenumber,forex,torrent,voip,net,adsence,tollsspeakers,tipsspeakers,iphonespeakers,phones,iphone4,facebook,youtube,twitter,livematch,newslive,watchmatchforfree,watchlaligaforfree,watchserieAliveonjsc+,softwares,football,SPORTNEWS,cars,carrental,cellphone,phonenumber,forex,torrent,voip,net,adsence,tollsspeakers,tipsspeakers,iphonespeakers,phones,iphone4,facebook,youtube,twitter,livematch,newslive,watch match for free,watch laliga for free,watch serie A live on jsc+,windows 7,windows 8


Commentaires

Enregistrer un commentaire

CALL US

Nom

E-mail *

Message *

Posts les plus consultés de ce blog

We tested the Nuraphone, the headset that fits your hearing

-
Image
The Nuraphone is an innovative model both for its sound customization system and the design of its headphones. Is it enough to make a difference? How to offer the best possible sound for headphones? The Australian company Nura have tackled this thorny problem and have designed a revolutionary model: the Nuraphone, sold about 400 euros. This helmet is distinguished by its design that combines the circum-auricular and the intra-auricular. The inside of the earpiece has a tip that is placed at the entrance of the ear canal to transmit the sound more directly than with conventional supra or circumauricular models. According to the manufacturer, the tip penetrates less into the duct than the in-ear headphones, which explains the unique size. We would have liked the choice between several sizes and people who do not like the headphones may not like this model either. Another potential problem often related to ear-phones, the restitution of the bass. To avoid this problem, Nura ...
Lire la suite

They turned Amazon Echo into an audio snitch

-
Image
Hackers have managed to create, in the smart enclosure, a seemingly innocuous application that continuously records conversations. With a microphone, smart speakers sometimes cause discomfort in some users who wonder if they do not record their words constantly. Checkmarx's hackers have just given some grit to this conspiracy theory as part of Amazon Echo. They developed a calculator in the form of a "skill", that is to say a voice application that extends the functionality of Amazon Echo. Just say "start calculator" to access and make calculations. Until then nothing abnormal. The problem is that the application continues to record the words of the user even if they are unrelated to the application. The speeches are then transformed into text and sent to the developer of the skill. To achieve this, hackers used a flaw in Amazon Echo's programming interface settings. Normally, a skill is supposed to turn off automatically after a certain time, when...
Lire la suite

Dolby Digital, Atmos or DTS ... what do these audio technologies hide?

-
Image
With the multiplication of audio formats, not easy to navigate to make the right choice. 01net.com explains the main ones to make sure you do not go wrong. Be immersed in a match and live the same atmosphere as the stadium? This is certainly what every football lover dreams about in front of his television. If the image participates more and more, including the broadcast of some matches in 4K, the audio is still the poor relation of sports retransmissions. However, we do not buy a TV only to watch football (well, normally). It is therefore good to know what the different formats used for cinema sound mean. Not always easy to cope with the acronyms and logos displayed on the data sheets of the devices or on the pockets of DVDs and Blu-ray discs. These are the latter that will usually give you the most systematic access to multichannel audio formats, with several voices in the front, rear and a subwoofer. Netflix also offers some compatible content, both movies and series. Two...
Lire la suite