Adobe Reader and Acrobat zero-day flaw exploited by hackers

If you own a Windows or Mac PC, there's a good chance you have downloaded and used a version of the free Reader and Acrobat software from Adobe to view PDF files. This week, the company admitted that there is a recently discovered "zero day" flaw in both programs that is being used by hackers.

In a security bulletin, Adobe states:

Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message. Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined.

The specific software versions that has been affected by this flaw are Adobe Reader XI, X, and 9 and Adobe Acrobat XI, X and 9 for Windows and Mac. While there is apparently no workaround for this issue for Mac users, people who use the Windows version can enable "Protected View" to keep the exploit from affecting their software. Adobe states, "To enable this setting, choose the "Files from potentially unsafe locations" option under the Edit > Preferences > Security (Enhanced) menu."

Source: Adobe | Image via Adobe

Report a problem with article
Previous Story

Microsoft wants you to know that Google reads your love letters

Next Story

American Express Twitter hashtag feature offers Xbox 360 bundle deal

10 Comments

Commenting is disabled on this article.

Is Adobe going to follow the same path as taken by Java? Java is already gone from my company. Adobe's reader may easily be going soon. No need for Acrobat, as Word and WordPerfect work very well, so that is a non-issue.

TsarNikky said,
Is Adobe going to follow the same path as taken by Java? Java is already gone from my company. Adobe's reader may easily be going soon. No need for Acrobat, as Word and WordPerfect work very well, so that is a non-issue.

You think Word doesn't have or has had exploits? There's Office Security Fixes constantly.
Anything that is widely used, like Acrobat, Flash, etc. etc. is always going to have hackers trying to find exploits. And what about Windows period? We get tons of security fixes threw Windows Update to fix it's exploits. So you want Windows gone too?

"Common sense is not a gift, it's a punishment. Because you have to deal with everyone who doesn't have it!"

Adobe Reader is a rare sight on a mac as the built in PDF handling is really good, sort of a cross between Adobe Reader and Adobe Acrobat full, but a lot quicker.

I'll just stick with the Reader App that comes with Windows 8.

Haven't had adobe's acrobat reader installed for the longest time for this very reason of exploits.

Before windows 8 I was using Sumatra PDF reader. A nice alternative, that's portable with no install required.

True you could use Word but then there are so many patches you need for that to try and patch up all the exploits, so you are just replacing your leaky bucket with a sieve

sagum said,
I'll just stick with the Reader App that comes with Windows 8.

Haven't had adobe's acrobat reader installed for the longest time for this very reason of exploits.

Before windows 8 I was using Sumatra PDF reader. A nice alternative, that's portable with no install required.

I didn't know win 8 support pdf, seems something positive. If we could get rid of flash player, that would be perfect.

sagum said,
I'll just stick with the Reader App that comes with Windows 8.

Haven't had adobe's acrobat reader installed for the longest time for this very reason of exploits.

Before windows 8 I was using Sumatra PDF reader. A nice alternative, that's portable with no install required.

There is no need to install acrobat reader on windows 8 for most users. They have a built-in pdf reader which does a great job!!