Skip to main content

Adobe Set To Patch Acrobat Reader Flaw Next Week

In response to the newest zero-day bug that has been noticed in its popular Adobe Reader software, Adobe has announced that it will release a security update by next Tuesday to fix the vulnerability.

The fix is expected to contain the vulnerability that relates to the implementation of JavaScript in Adobe’s Reader and Acrobat application.

The bug could potentially allow an attacker to prepare malicious PDF documents for the execution of arbitrary code and by doing so he can take control over the affected system easily.

Since the fix only be available on next Tuesday, the newest flaw would still have a window of 14 days to be exploited. Taking note of the risk, Adobe has urgently asked users to disable JavaScript in both the products and users can unselect the JavaScript option, given under the ‘Preference’ menu of ‘Edit’ function to ensure safety

Expressing his views on the vulnerability, David Lenoe, the security program manager at Adobe mentioned “We have confirmed the second vulnerability (CVE-2009-1493) for Adobe Reader for Unix and this issue will be resolved in the upcoming Adobe Reader for Unix updates. Currently, we have not been able to reproduce an exploitable scenario for Windows and Macintosh, but we will continue to investigate."

You can follow on Twitter @itproportal (opens in new tab).

Our Comments

This is a zero-day bug which means that it has a much higher level of threat and users could potentially use another PDF reader like Foxit Reader until Adobe solves the issue. Acrobat, like Flash, is one of the most used applications in the world which makes it a very tasty target for hackers and cybercriminals. PDF spam might be a thing of the past but for the next few weeks, take care about using Acrobat.

Related Links

Adobe promises patch for zero-day PDF bug by next Tuesday (opens in new tab)


Adobe to close Acrobat and Reader holes on May 12 (opens in new tab)

(The H Security)

Adobe Promises Fixes for Latest Flaws by Next Week (opens in new tab)

(PC World)

Adobe promises fixes for recent PDF flaws early next week (opens in new tab)

(The Tech Herald)

Adobe Announces Acrobat, Reader Fix (opens in new tab)


Adobe PDF vulnerability fix slated for May 12 (opens in new tab)

(S C Magazine)

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.