ActiveX flaw leaves Adobe apps vulnerable

By Shaun Nichols on Dec 1, 2006 3:42 PM
Filed under Security
 

'Critical' flaw affects Acrobat and Reader.

Adobe is warning users of a newly-discovered security flaw that could give attackers control over compromised systems.

According to Adobe, the vulnerability affects the ActiveX components for versions 7.0.0 through 7.0.8 of both its Reader and Acrobat applications.

The vulnerability can be exploited when a user views a specially-crafted web page with Internet Explorer. Once the exploit has been executed, an attacker would have the ability to remotely install and execute malware.

The vulnerability was originally reported by French security research firm FrSIRT. Both FrSIRT and Adobe rate the vulnerability as "critical" – the highest alert level for both organisations.

According to Adobe, the threat can be neutralised by deleting the AcroPDF.dll ActiveX file. This will disable the ability to view PDF files within Internet Explorer, however. Other browsers and non-Windows operating systems are not affected by the vulnerability.

Copyright ©v3.co.uk


ActiveX flaw leaves Adobe apps vulnerable
Tags
activex, flaw, leaves, adobe, apps, vulnerable
Related Articles
Breaking Stories
 
 
 
 
 
Top Stories
CommBank suppliers compete for portable workloads
CommBank suppliers compete for portable workloads
Multi-sourcing deals yield $100m savings.
 
Australia turns to homegrown drones
Australia turns to homegrown drones
Debating the finer points of unmanned aerial vehicle design.
 
The New Zealand telco problem
The New Zealand telco problem
Opinion: Could Telstra save Kiwi telcos?
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

Latest Comments
Powered by Disqus
Polls
Should the Government enact new legislation to protect copyright holders in the digital age?
   |   View results
Yes
  20%
 
No
  80%
TOTAL VOTES: 540

Vote
view previous polls »