Adobe PDF Plugin Flaw Revealed

January 4th, 2007

Computer SecurityThere’s a fairly serious security flaw in the Adobe Reader plugin for Internet Explorer and Mozilla Firefox. It’s exploited via the URL to the PDF file, rather than the file itself. So even if the file is on a trusted site, clicking on a PDF link from an untrusted site or email could trigger the exploit. Internet Explorer version 7.0 does not have this problem, but 6.0 and previous versions are vulnerable. Non-IE users need to be very careful when opening PDF files, or consider disabling the PDF plugin.

(via Kim Komando)

UPDATE: Version 8 of the Adobe Reader does not have this problem.

Leave a Reply


HTML: You can use these tags.