Critical Flaw Found in Adobe Acrobat 9
Critical Flaw Found in Adobe Acrobat 9
February 24, 2009: Adobe has warned that a critical flaw has been discovered in its Acrobat reader, and has recommended users disable Javascript until the bug has been fixed.
The vulnerability affects Adobe Acrobat and Adobe Reader version 9 and all other versions back to version 7. If exploited the flaw causes the software to crash due to a PDF parsing error, and could enable an attacker to take control of the computer.
Security researchers have warned that an exploit already exists, however, at the moment the attacks seem to be quite targeted and not widespread.
Adobe says that it is working on a fix for all versions, but does not expect to have anything ready before March 11. Until then, it recommends that users turn off Javascript in Adobe Reader to protect themselves from attack, and as usual to not open email attachments or files from untrusted sources.
Comment on this story