Adobe Acrobat Reader Security Vulnerability

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

<< < (4/4)

Eóin:
While not the same thing the pointing fingers of blame onto ms reminds me of the IE-Firefox Exploit fiasco.

SKA:
<If the exploit can happen just by opening a .pdf file, without clicking the link, the problem is with Adobe, not Microsoft>

Well f0dder <grin> MS doesnt agree with you - they owned up to it being a Windows XP+IE7 bug per Betanews:

http://www.betanews.com/article/Confirmed_Adobe_PDF_Flaw_Actually_XP_Bug_Says_Microsoft/1192118748

SKA

f0dder:
Well f0dder <grin> MS doesnt agree with you - they owned up to it being a Windows XP+IE7 bug per Betanews:
http://www.betanews.com/article/Confirmed_Adobe_PDF_Flaw_Actually_XP_Bug_Says_Microsoft/1192118748
-SKA (October 14, 2007, 12:40 AM)
--- End quote ---
They actually don't disagree.

What Microsoft has patched is the ShellExecute function, which didn't do proper verification. But if something can get to ShellExecute without user intervention, you have a serious problem...

Navigation

[0] Message Index

[*] Previous page

Go to full version