Adobe Reader Patches 'Incomplete'

A Google security team is warning that Adobe has passed on fixing a number of vulnerabilities in its Reader software for viewing PDF documents.

Adobe released a new version of Reader on Tuesday that fixed about 20 vulnerabilities in the Mac and Windows versions of the product. Despite the large number of flaws addressed in the patches, a number of serious vulnerabilities remained untouched, according to an analysis released on Wednesday by Mateusz Jurczyk and Gynvael Coldwind of Google.

Google's interest in Reader is the result of having the PDF viewer embedded in the search engine's Chrome browser. Earlier this year, the Google team started testing the application for exploitable bugs exposed through crashes of the viewer.

While Adobe fixed vulnerabilities rated high and critical, lesser flaws were untouched. "Unfortunately, 16 more crashes affecting Windows, OS X, or both systems remain unpatched," the Google security team said.
Click to expand...

Read more at:
Adobe Reader Patches 'Incomplete' | PCWorld Business Center
 
Click to expand...
You must log in or register to reply here.
Back
Top