January 10, 2007 12:44 PM PST

Adobe tackles risky holes in Acrobat, Reader

Related Stories

Acrobat flaw could spawn Web attacks

January 3, 2007

FAQ: JavaScript insecurities

July 28, 2006
Adobe Systems has issued updates to fix security flaws in its Reader and Acrobat software that could allow an attacker to remotely commandeer a computer.

The vulnerabilities affect Adobe Reader and Adobe Acrobat Standard, Professional and Elements versions 7.0.8 and earlier, as well as Adobe Acrobat 3D, Adobe said in its advisory. Secunia rated the Reader flaw as "highly critical."

The version 7.0.9 updates issued Tuesday are designed to address holes that could allow outsiders to gain access to hard-disk drives via a malicious link that targets PDF files on vulnerable computers.

The attackers could then take the compromised system and read and delete files, execute programs and forward information from the computer.

Adobe recommends that Reader users upgrade to Reader 8, the most recent major version, to fix the problem. Those whose computer systems are not compatible, or who do not want to move to version 8 can install Tuesday's 7.0.9 version instead.

That means people will have to do a full installation of a software version to protect their computers. Typically, companies will provide a patch to fix security holes--a less time-consuming process--but Adobe has not done that in this case.

The 7.0.9 update is slightly larger than a patch, an Adobe representative said. The company was already working on the update when it added the security features, so Adobe was able to get out a full installation faster than it would for just a patch, the representative added.

See more CNET content tagged:
Adobe Acrobat Reader, Adobe Acrobat, Adobe Systems Inc., patch, security

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.