Critical vulnerability hits Adobe Acrobat Reader

Posted by Humphrey Cheung

Adobe is saying that its Adobe Acrobat Reader and Adobe Acrobat programs contain code vulnerabilities which could crash or even allow hackers to gain control of computers. The vulnerabilities affect ActiveX control inside of Internet Explorer when a computer is running Adobe. Adobe rates the vulnerability as critical and says hackers could gain complete control of the system.

News of the vulnerability first came from FrSIRT, a well-known computer security website. Since then Adobe has issued its own advisory. The vulnerability affects the Reader and regular Acrobat versions from 7.0.0 to 7.0.8 on Windows computers using Internet Explorer.

Adobe will be releasing an updated version of Acrobat that is patched against the vulnerability, but recommends the following work-around in the meantime. Users are advised to delete the AcroPDF.dll file in their Acrobat 7.0 folder.

Adobe stresses it has not seen any exploit code in the wild.