Adobe Systems has issued a critical patch to fix a buffer overflow vulnerability in both its Adobe Acrobat document management system and the free Adobe Reader program.
The flaw allows a malicious hacker to crash a user’s system or take over their machine.
Adobe said the flaw relates to a core application plug-in used in both Acrobat and Adobe Reader.
“If a malicious file is opened it could trigger a buffer overflow as the file is being loaded into Adobe Acrobat and Adobe Reader,” said the company.
As Adobe Reader has to be installed on PCs to enable users to read documents in Adobe’s popular PDF format, the flaw potentially affects millions of computer users.
Adobe has previously issued patches this year to stop hackers from using flaws in Acrobat and Adobe Reader to gain access to users’ machines.