In response to the newest zero-day bug that has been noticed in its popular Adobe Reader software, Adobe has announced that it will release a security update by next Tuesday to fix the vulnerability.
The bug could potentially allow an attacker to prepare malicious PDF documents for the execution of arbitrary code and by doing so he can take control over the affected system easily.
Expressing his views on the vulnerability, David Lenoe, the security program manager at Adobe mentioned “We have confirmed the second vulnerability (CVE-2009-1493) for Adobe Reader for Unix and this issue will be resolved in the upcoming Adobe Reader for Unix updates. Currently, we have not been able to reproduce an exploitable scenario for Windows and Macintosh, but we will continue to investigate."
You can follow ITProPortal.com on Twitter @itproportal (opens in new tab).
This is a zero-day bug which means that it has a much higher level of threat and users could potentially use another PDF reader like Foxit Reader until Adobe solves the issue. Acrobat, like Flash, is one of the most used applications in the world which makes it a very tasty target for hackers and cybercriminals. PDF spam might be a thing of the past but for the next few weeks, take care about using Acrobat.
(The H Security)
(The Tech Herald)
(S C Magazine)