Skip to main content

Windows still vulnerable to PDF flaw

An increasing number of people open PDF via their browser by retrieving PDF files over the internet (via a Google search for example).

Now (opens in new tab), even accessing PDF documents can prove to be risky.

Microsoft has said that its Windows XP and Windows Server 2003 are still vulnerable to a PDF attack when using Internet Explorer 7 as it could allow remote code execution.

Microsoft stopped short of asking its customers to downgrade to Internet Explorer 6 (an even more perillous platform) or bite the bullet and move to Firefox.

The vulnerability (opens in new tab) does not affect Windows Vista. Adobe has already patched its Acrobat reader/Acrobat applications, Microsoft was quick to point that these would not prevent an attack.

Microsoft's next Tuesday round of updates is scheduled for the 13th November although this could be brought nearer if needs be.

In a separate post, F-secure wrote that malicious PDFs are being sent through email in a bid to recruit more zombie computers.

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.