By Dan Goodin in San Francisco
8th October 2009
Attackers once again are targeting an unpatched vulnerability in Adobe
Reader that allows them to take complete control of a user's computer,
the software maker warned.
Adobe said it planned to patch the critical security bug in Reader and
Acrobat 9.1.3 for Windows, Mac and Unix on Tuesday, the date of the
company's previously scheduled patch release for the PDF reader.
According to Security Focus here, attackers can exploit the
vulnerability by tricking a user into opening a booby-trapped PDF file.
"Successful exploits may allow the attacker to execute arbitrary code in
the context of a user running the affected application," the security
site warned. "Failed attempts will likely result in denial-of-service
The bug is presently being exploited in "limited targeted attacks,"
Security Focus added, without elaborating. Adobe said only that the
attacks target Reader and Adobe running on Windows operating systems.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News