PDF security flaw exposed

adobereader8.jpgWhenever a security flaw is found within a popular application it’s usually nothing more than a chance for tech reporters to take a cheap shot at a major developer. That’s what we thought when we read about the discovery of a hole within the widely-used Adobe Acrobat Reader.

However, it turns out that the bug is a little more serious than everyone first thought. According to security specialists, the glitch within the software allows hackers to access all information on the victim’s hard drive via malicious JavaScript to PDF files hosted on websites.

Billy Hoffman, lead engineer at SPI Dynamics said: “This means any JavaScript can access the user’s local machine. Depending on the browser, this means the JavaScript can read the user’s files, delete them, execute programs, send the contents to the attacker, et cetera. This is much worse than an attack in the remote zone.”

While there is no patch available at present, the problem can be rectified by downloading the latest version of the PDF viewer, Adobe Reader 8.0.

Loading comments