I'd be interested in knowing just how you're supposed to get Adobe 7.0.1 or where this "vendor patch" is supposed to be. I checked Adobe Reader 6, and it states "no updates available" when you try and update it, even though 7.0 is available! Adobe only has the 7 version available at their site. So does anyone know how we are supposed to get v7.0.1? -Clint
God Bless Clint Hamilton, Owner http://OrpheusComputing.com ) http://ComputersCustomBuilt.com ----- Original Message ----- From: "Support-OrpheusComputing.com" TITLE: Adobe Reader Local Files Detection Weakness SECUNIA ADVISORY ID: SA14813 VERIFY ADVISORY: http://secunia.com/advisories/14813/ CRITICAL: Not critical IMPACT: Exposure of system information WHERE: >From remote SOFTWARE: Adobe Reader 7.x http://secunia.com/product/4546/ DESCRIPTION: NISCC has reported a weakness in Adobe Reader, which can be exploited by malicious people to enumerate files on a user's system. The problem is caused due to an error in the "LoadFile()" method making it possible to determine if a queried local file exists. The weakness has been reported in version 7.0 and prior. SOLUTION: Update to version 7.0.1. ORIGINAL ADVISORY: NISCC: http://www.niscc.gov.uk/niscc/docs/re-20050401-00264.pdf [HA! Notice it's a link to a PDF file!] ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
