Six in 10 Adobe Reader installs vulnerable

News 14 Jul, 2011

Many users can't be bothered to update their software, leaving them vulnerable to attack.

The majority of Adobe Reader installations are out of date and therefore vulnerable to attack, according to security company Avast.

Analysis of Avast antivirus users found 60.2 per cent of those with Adobe Reader were running a vulnerable version.

One in every five were running an unpatched version of Adobe Reader that was at least two generations old.

“There is a basic assumption that people will automatically update or migrate to the newer version of any program,” said Ondrej Vlcek, chief technology officer (CTO) at Avast.

“At least with Adobe Reader, this assumption is wrong – and it’s exposing users to a wide range of potential threats.”

Brad Arkin, senior director of product security and privacy at Adobe, said most consumers can’t be bothered to update free apps.

“In many cases, users only update when provisioning a new machine,” Arkin said.

“It is actually possible to be fully patched and up-to-date if you are running Adobe Reader 8 or 9. But I think a large percentage of users simply decline the update notification.”

He urged users to adopt the automatic update option and to get hold of Adobe Reader X with the sandboxing functionality.

“Our hope is that with the automatic update and the latest Adobe Reader X offering, we will see a measurable improvement on these statistics,” Arkin added.

“We are really eager to get more users updated to the latest, most secure versions as quickly as possible.”