January 8th, 2007, 04:23 AM
Adobe .PDF Reader vulnerability
Got an email regarding a vulnerability in .pdf pages. Googled it and came up with the following. Do not know if the problem applies to previous editions of Adobe Acrobat full version, or is limited to only prior versions of the free Adobe Acrobat Reader:
Link To Story
Security flaw in Adobe PDF reader
January 5, 2007
Internet users are being urged to check that they have the latest version of Adobe's Acrobat Reader software, a popular application used to view PDF (portable document format) files.
Security experts have warned that a plug-in for the application could allow hackers to see and edit the folders on a person's hard drive.
Users of Mozilla's Firefox browser and people using versions of Internet Explorer previous to the latest version, IE7, are at risk.
"PDF files are trusted and very popular, making any significant PDF vulnerability a cause for concern," said Ken Dunham of security firm iDefense.
There have been no reports of any hackers actively exploiting the flaw at the moment but according to Dunham, exploit code is available on the internet.
"One of the main websites hosting code for this vulnerability has been hammered with traffic all day, showing great interest in this new exploit," he said.
Internet users are advised to upgrade to version 8 of Acrobat Reader