Security Flaw May Compromise Adobe Acrobat PDF Reader

FindLaw

By Kevin Fayle

Security researchers have discovered a flaw in the Adobe Acrobat Reader that may allow malicious computer crackers to initiate attacks on personal computers, according to a report by the Associated Press. The vulnerability allows attackers to take control of the popular software and execute code on the user's computer.

The flaw exists in the plug-in for Mozilla Firefox and Internet Explorer 6.0 or below that allows users to view PDF files within a web browser. By exploiting the vulnerability, intruders can create links to trusted documents that contain malicious JavaScript code. The code runs once the user clicks on the link, and allows the cracker to take control of the Acrobat software and either steal information from the user's computer or install other types of dangerous programs.

The researchers suggest that users either upgrade to Internet Explorer 7 or change the settings in Firefox so that the browser ceases to use the plug-in, though it remains unclear how pervasive or harmful any attacks based on this flaw may be.

Adobe did not comment on the security breach in the Associated Press report.

Software

© 2007 FindLaw

Technology Tools

  • E-Discovery Guide
    Dive into the specifics of the E-Discovery process with our interactive guide.
     
  • E-Discovery Wizard
    FindLaw's interactive tool to help you understand the new Federal Rules for electronic discovery.
     
  • Articles & Releases
    News, analysis and product releases to help keep you informed on legal technology developments.
     
  • Legal Technology Events
    Events, conferences and webinars on the subject of legal technology.
     
  • Technologist Blog
    The latest law technology news and developments.
     
  • RSS feeds
    Subscribe to an RSS feed of the latest Legal Technology Articles and Releases.

Search


Ads by FindLaw