Adobe is warning users of a newly-discovered security flaw that could give attackers control over compromised systems.
According to Adobe, the vulnerability affects the ActiveX components for versions 7.0.0 through 7.0.8 of both its Reader and Acrobat applications.
The vulnerability can be exploited when a user views a specially-crafted web page with Internet Explorer. Once the exploit has been executed, an attacker would have the ability to remotely install and execute malware.
The vulnerability was originally reported by French security research firm FrSIRT. Both FrSIRT and Adobe rate the vulnerability as "critical" – the highest alert level for both organisations.
According to Adobe, the threat can be neutralised by deleting the AcroPDF.dll ActiveX file. This will disable the ability to view PDF files within Internet Explorer, however. Other browsers and non-Windows operating systems are not affected by the vulnerability.
ActiveX flaw leaves Adobe apps vulnerable
By
Shaun Nichols
on Dec 1, 2006 3:42PM
'Critical' flaw affects Acrobat and Reader.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Promoted Content
4 essentials for protecting data in the new normal
Partner Content
Why your organisation's perimeter cybersecurity model is outdated
Promoted Content
COVID has sped up 'data gravity': how can IT leaders respond?
Promoted Content
Why simplicity is the winning formula for CX success
Sponsored Whitepapers
The ultimate guide to customer IAM
Communicating cyber security in a language the Board understands
10 questions to ask before you select a Network Performance Management tool
Innovate faster. Why accelerating change is a CIO's biggest challenge.
Unlock faster time-to-revenue using Adobe digital document processes
