Adobe Reader and Acrobat PDFs not safe until March
By Asavin Wattanajantra,
Users have been warned about a new threat from malicious PDF files that won’t be fixed until next month, after Adobe's Reader and Acrobat were found to have a critical vulnerability.
In a security bulletin, Adobe warned that the security hole could cause the application to crash and potentially allows an attacker to take control of the affected system. It also said that criminals were already exploiting the flaw.
Adobe are planning to release updates to Adobe Reader and Acrobat to solve the issue, but warned that these wouldn’t be available until 11 March. Adobe said that it was already in contact with anti-virus vendors such as McAfee and Symantec about the issue.
Adobe said users should update their virus definitions and be cautious when opening files from an untrusted source.
Graham Cluley, security consultant at Sophos, said on his blog that hackers could deliberately construct a malformed PDF file which could trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer.
He said: “This would mean that criminals, for instance, spam out a PDF file that would infect your PC, or plant malicious PDF content on a website.
“As PDF files are so widely used on the internet, and regularly exchanged to share this information, there is an obvious concern that hackers may be quick to take advantage of this vulnerability.”
You may also like...
advertisement
Latest Security Features
Q&A: The ID card commissioner talks cards and controversy
We spoke to ID card commissioner Sir John Pilling about his thoughts on the identity scheme and why we might all think he's a bit of prat down the line.
- So you've been hacked, now what?
- The problems facing Internet Explorer
- Year in Review: 2009 in your words
- Top 10 security predictions for 2010
- Year in Review: Top tech stories of 2009
- The worst IT disasters of 2009
- Five free security software suites
- How to stay safe shopping online
- Is it time to switch to IPv6?
Latest Security Reviews
WatchGuard XCS-770 review
Rating: 
advertisement
Most popular
- Google Nexus One review: A week with the superphone
- HTC Legend review
- Conservatives promise 100Mbps in tech manifesto
- Apple tops for tech support
- Virgin to run fibre broadband over telegraph poles
- Google Nexus One UK launch confirmed for next month
- HMRC IT leaves 35 million cases for manual processing
- Bill Gates is no longer the richest man in the world
- Facebook and Google hit by patent suit
- Microsoft loses second appeal in Word patent dispute
Latest News Videos in Security
Video: Why security is everybody's responsibility
PlayRik Ferguson, senior security advisor at Trend Micro says it's up to all of us to make security work.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
