TechTarget

Acrobat issues security warning

Adobe Acrobat and Adobe Reader have been affected by a major security issue, which can result in hackers gaining control of a user's PC or stealing confidential information.

Adobe Acrobat and Adobe Reader have been affected by a major security issue, which can result in hackers gaining control of a user's PC or stealing confidential information.

Acrobat pdf files, which are widely available across the internet, have become the easiest way for companies to distribute electronic versions of their printed catalogues, technical documentation and company reports.

Acrobat is often installed when new PCs are first configured, and sites which use Acrobat files usually give users the opportunity to download the Reader software.

Users have been warned that a cross site scripting (XSS) vulnerability affecting multiple versions of Adobe Acrobat could enable an attacker to execute Javascript when a PDF document is opened.

The attack simply involves appending the URL for the PDF document with malicious Javascript code.

According to Websense Security Labs, an attacker could utilise this vulnerability for a wide variety of malicious actions, such as creating deceptive phishing attacks or propagating across social networking sites. An attacker could also attempt to access the local file system on the PC of an end-user who inadverantly clicks on the URL.

Users running Internet Explorer on Windows XP SP2 are unaffected. But Websense warned that Firefox users would need to upgrade to Acrobat 8.0 or higher.

Adobe's security bulletin

Comment on this article: computer.weekly@rbi.co.uk




CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close