Adobe Set To Patch Acrobat Reader Flaw Next Week

In response to the newest zero-day bug that has been noticed in its popular Adobe Reader software, Adobe has announced that it will release a security update by next Tuesday to fix the vulnerability. 

The fix is expected to contain the vulnerability that relates to the implementation of JavaScript in Adobe’s Reader and Acrobat application. 

The bug could potentially allow an attacker to prepare malicious PDF documents for the execution of arbitrary code and by doing so he can take control over the affected system easily. 

Since the fix only be available on next Tuesday, the newest flaw would still have a window of 14 days to be exploited.  Taking note of the risk, Adobe has urgently asked users to disable JavaScript in both the products and users can unselect the JavaScript option, given under the ‘Preference’ menu of ‘Edit’ function to ensure safety 

Expressing his views on the vulnerability, David Lenoe, the security program manager at Adobe mentioned “We have confirmed the second vulnerability (CVE-2009-1493) for Adobe Reader for Unix and this issue will be resolved in the upcoming Adobe Reader for Unix updates. Currently, we have not been able to reproduce an exploitable scenario for Windows and Macintosh, but we will continue to investigate." 

You can follow ITProPortal.com on Twitter @itproportal.