According to Adobe, the vulnerability affects the ActiveX components for versions 7.0.0 through 7.0.8 of both its Reader and Acrobat applications.
The vulnerability can be exploited when a user views a specially-crafted web page with Internet Explorer. Once the exploit has been executed, an attacker would have the ability to remotely install and execute malware.
The vulnerability was originally reported by French security research firm FrSIRT. Both FrSIRT and Adobe rate the vulnerability as "critical" – the highest alert level for both organisations.
According to Adobe, the threat can be neutralised by deleting the AcroPDF.dll ActiveX file. This will disable the ability to view PDF files within Internet Explorer, however. Other browsers and non-Windows operating systems are not affected by the vulnerability.
_(36).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
_(1).jpg&h=140&w=231&c=1&s=0)
