Demo exploits for new vulnerabilities in Adobe Reader
Demo exploits for two new security holes in Adobe Reader are circulating on the internet. According to the SecurityFocus bug database, versions 9.1 and 8.1.4 of the PDF reader are affected. There is still no official update for the vulnerabilities. The release of the demo exploits significantly increases the likelihood that PDF documents with dangerous malicious code will start showing up and that the vulnerabilities will be exploited on a broad scale.
Users who want to avoid risks until a bug-free version of the software is available can use alternative PDF viewers and should un-install Adobe Reader for the time being to avoid picking up malware while surfing the net.
- Potential Adobe Reader Issue, Adobe's response.
- Update on Adobe Reader Issue, Adobe's follow up response.
- F-Secure advises against using Adobe Reader, report from The H Security.