Adobe Cautions Users Against Installing Unofficial Security Patches

  /     /     /  
Publicated : 22/11/2024   Category : security


Adobe Cautions Users Against Installing Unofficial Security Patches


RamzAfzar has issued a homemade patch for the CoolType.dll zero-day vulnerability in Adobe Acrobat and Adobe Reader, but Adobe is urging users to wait for the official patch due October 4.



Penetration testing firm RamzAfzar
issued a homemade patch
for the CoolType.dll zero-day vulnerability in Adobe Acrobat and Adobe Reader earlier this week. Adobe has said it will release an official patch for the vulnerability on October 4, 2010.
The bug first came to light earlier this month after a
zero-day exploit
targeting the vulnerability appeared. The vulnerability itself stems from a boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow, according to vulnerability research firm Secunia.
RamzAfzar said, After initial analysis weve discovered that exploit exists in insecure strcat call located in CoolType.dll. Strcat allows
memory blocks
to be appended to each other in the C programming language. Weve decided to modify this strcat call and convert it to strncat. Why? Because strncat at least receives the buffer size and how much bytes you want to copy from src [source] to dest [destination].
In other words, the RamzAfzar fix adds a size operator which prohibits a buffer overflow through a bit of in-line patching. You can download this CoolType.dll and put it in your Acrobat Reader folder, simply overwrite old CoolType.dll and youll be secure, provided youre using Acrobat 9.3.4.
It took … about 2 hours, I want to know why Adobe needs 20 days, according to RanzAfzar.
After the patch emerged, however, Adobe cautioned users against applying it. According to Kaspersky Labss
Threatpost
, Adobe said that there are always risks involved with installing software from unknown sources. In particular, the company warned that a DLL file has the same capabilities as an executable file. In addition, the firm also told Threatpost that the change to the DLL might break functionality in the product that could disrupt critical workflows.
RamzAfzar
posted a response
on Twitter: Adobe said users with our patch will not be able to update, its simply wrong, its not first time were patching Adobe for customers.
Likewise, on Thursday, security researcher Didier Stevens, who has extensive experience with vulnerabilities in Adobes products,
reported
on his Twitter feed that hed assessed the homemade patch: Took a look at @Ramz_Afzar s patch. Does as advertised, and nothing more.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security

▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security

▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Adobe Cautions Users Against Installing Unofficial Security Patches