Adobe admits to flaw in all forms of Reader

By

Adobe has warned that a serious flaw has been discovered in all shipping versions of its Reader software, affecting PCs, Apple and Unix versions.

The flaw, which came to light yesterday, is the software’s execution of Javascript and allows attackers to ether run code on target systems or crash the application. US-CERT has also issued an advisory on the problem, which occurs in the "getAnnots" JavaScript function.


“All currently supported shipping versions of Adobe Reader and Acrobat (Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions) are vulnerable to this issue,” said Adobe in a blog posting.

“Adobe plans to provide updates for all supported versions for all platforms (Windows, Macintosh and Unix) to resolve this issue.”

The company has given a timeline for the release of a patch but has said that, so far, no exploits have been seen in the wild.

The announcement is embarrassing for Adobe, coming after flaws that appeared last month. Some security experts are now recommending people switch to free alternative readers.

"We've said it before but it's worth repeating — use an alternative to Adobe Acrobat Reader ," said Patrik Runald, a security response manager at F-Secure in the company blog.

“We won't recommend any reader over another as it would be better if people use a wide variety of them. A list of readers can be found here, pdfreaders.org. Others are Foxit, CutePDF, etc.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Log In

  |  Forgot your password?