Security Warning: Adobe Security Hole Exploited by Hackers

Adobe Systems is probing reports that hackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers.

Once again, hackers are exploiting vulnerabilities discovered in Adobe Acrobat and PDF Reader. Adobe is now figuring out the issue and will be releasing a resolution. The move comes after an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely.

Shadowserver member Steven Adair says the flaw is present in the most recent versions of Adobe Acrobat and Reader.

Adair has warned that security experts have caught cyber crooks using the vulnerability in targeted attacks since December 11, but that more widespread attacks will emerge over the next few weeks.

Only a few anti-virus vendors have detected malicious PDF files harboring this exploit. At the moment, there is no patch available for this flaw, and Adobe's brief advisory offers little in the way of mitigation advice. However, Internet users can protect themselves from this attack in a couple of ways.

It's good to know that this exploit doesn't work unless users have Javascript enabled in Adobe Acrobat/Reader.

To disable Javascript, click "Edit" then "Preferences" and then "Javascript" and un-check "Enable Acrobat Javascript." There are alternatives one can use besides Adobe. Foxit Reader is one example.

The other PDF readers which come as free downloads, include Sumatra PDF and PDF-XChange Viewer.

Do you have a fear of your system being taking advantage of by an exploit within one of Adobe's applications?