Adobe has issued an advisory pointing out a new vulnerability in the Acrobat Reader 9.2 and earlier due to its Javascript feature. I short, a malicious website (or a link in an email pointing to a malciously crafted PDF file) could execute arbitrary code including installing malware/viruses/Trojans on a Windows XP and prior machine. Windows 7 and Vista as well as Mac and Linux operating systems will crash, but are otherwise not vulnerable. Adobe has not yet explained how they will address this problem other that to say they are investigating it.
Adobe’s Acrobat Reader has had a string of serious security vulnerabilities in the past year. Acrobat users are encouraged to update their software by going to the Adobe site and to disable the Javascript feature.
One Response
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.
Continuing the Discussion