2005 - 1,110 views, 3 Comments

Summary: Adobe Systems, the makers of the popular Adobe Acrobat, is warning today of a security hole in both their Adobe Reader and Adobe Acrobat PDF viewer software. Adobe Reader is a widely distributed and used free software program for viewing ...

Previous Article « Ebay Gets Into Postal Service, or USPS Gets Into Online Auctions - Which Is It?
Read Next Article » Adult-Themed Websites and Surfers Take Double Hit

Adobe Systems, the makers of the popular Adobe Acrobat, is warning today of a security hole in both their Adobe Reader and Adobe Acrobat PDF viewer software. Adobe Reader is a widely distributed and used free software program for viewing PDF files.

According to the Adobe website, “The vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes.”

The site then goes on to say that the attacker would need to know the filename and full directory path in order to take advantage of the security hole, but still, anyone using either Adobe Acrobat or Reader should update them immediately.

Windows users using either Adobe Acrobat 7.x or Adobe Reader 7.x can update their software here.
Adobe does not yet have a security update for the Mac version, and Adobe recommends that until they release an update, Mac users “disable any Acrobat JavaScript to protect your system from this vulnerability. To disable JavaScript in Acrobat, choose Adobe > Preferences >JavaScript and deselect Enable Acrobat JavaScript.”

Email the link for this page to a friend!

» Security Flaw in Adobe Reader Allows Malicious PDF Files to Run Programs on Your Computer

» The Amazing Fujitsu ScanSnap Scanner for Mac and PC - at Last You Can Really Put All of Your Documents on Computer

» Microsoft Issues Only 3 Patches for May, But There’s Something for Everybody

For additional similar stories check out our archives on Security

3 Comments »

Aren’t you sick of Adobe Acrobat Reader trying to be a web browser about now? More exploits to come later.

Comment by martinelli — 6/21/2005 @ 6:33 am
I’m just generally sick of Adobe. Can’t get the needed downloads for security (”can’t find page,” slow to load, no help unless you tell them who you are. Nuts.

Comment by Igor — 7/10/2005 @ 12:29 pm
Just generally sick of Adobe. Can’t get downloads to show up (”Page cannot be loaded”), can’t find out what version I have. Absolutely no help at all. There has to be a modern program than this old fashioned steam engine.

Comment by Igor — 7/10/2005 @ 12:34 pm

RSS feed for comments on this post.

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!
If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.
Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>