Security Hole in Adobe PDF Reader and Acrobat PDF Viewer, Warns Adobe

The Internet Patrol - Patrolling the Internet for You

Adobe Systems, the makers of the popular Adobe Acrobat, is warning today of a security hole in both their Adobe Reader and Adobe Acrobat PDF viewer software. Adobe Reader is a widely distributed and used free software program for viewing PDF files.

According to the Adobe website, “The vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes.”


The site then goes on to say that the attacker would need to know the filename and full directory path in order to take advantage of the security hole, but still, anyone using either Adobe Acrobat or Reader should update them immediately.

Windows users using either Adobe Acrobat 7.x or Adobe Reader 7.x can update their software here.
Adobe does not yet have a security update for the Mac version, and Adobe recommends that until they release an update, Mac users “disable any Acrobat JavaScript to protect your system from this vulnerability. To disable JavaScript in Acrobat, choose Adobe > Preferences >JavaScript and deselect Enable Acrobat JavaScript.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

3 thoughts on “Security Hole in Adobe PDF Reader and Acrobat PDF Viewer, Warns Adobe

  1. Just generally sick of Adobe. Can’t get downloads to show up (“Page cannot be loaded”), can’t find out what version I have. Absolutely no help at all. There has to be a modern program than this old fashioned steam engine.

  2. I’m just generally sick of Adobe. Can’t get the needed downloads for security (“can’t find page,” slow to load, no help unless you tell them who you are. Nuts.

  3. Aren’t you sick of Adobe Acrobat Reader trying to be a web browser about now? More exploits to come later.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.