All the latest UK technology news, reviews and analysis

Adobe toiling on patch for zero-day flaw in Reader and Acrobat

20 Feb 2013
Adobe headquarters in San Jose

Adobe has confirmed that it is working to patch the zero-day exploit found in its Reader and Acrobat software.

Earlier, security researches had warned of an exploit in the programs which could lead to hackers taking control of affected systems. Adobe reported that a fix for the issue should come sometime during the week of 18 February.

Adobe says that it is working on a patch for the programs on Windows, Mac, and Linux platforms, correcting flaws in Acrobat and Reader software versions nine to 9.5.3.

Until the issue is corrected Adobe recommended that administrators enable Protect View within the program's registry. Protect View is a feature that prevents documents from performing any actions that could put users at risk.

"Enterprise administrators can protect Windows users across their organisation by enabling Protected View in the registry and propagating that setting via GPO or any other method," Adobe said in a statement on the exploit.

The workaround will only work with Windows systems. Protect View currently isn't available on Mac and Linux versions of the software.

To be put at risk of attack users would have to open a PDF carrying the malware using the programs in question. Once opened the hack may not cause any noticeable suspicious activity.

According to Sophos head of technology in Asia Pacific, Paul Ducklin, the exploit works by using a decoy document technique to spread malware.

"The exploit doesn't just take over Reader and use it to inject malware onto your PC, but also reloads Reader with a clean PDF that looks safe and behaves innocently, largely because it is innocent," wrote Ducklin in a blog post.

For Adobe, the news comes following the release of a patch which corrected a similar issue in the Flash platform. Earlier this month, Flash suffered at the hands of a similar zero-day exploit.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club,, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Privacy
What do you think?
blog comments powered by Disqus

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?

Popular Threads

Powered by Disqus
Galaxy S5 vs Nexus 5 head to head review front

Galaxy S5 vs Nexus 5 video review

We compare Samsung and Google's top devices

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Head of IT Projects

Head of IT Projects Annual Salary: Up to £48,153...

Head of IT Service Management

Head of IT Service Management Annual Salary of up...

Assistant IT Director

Assistant IT Director Annual Salary: Up to £74,954...

Junior VB.NET Application Developer (ASP.NET, SQL, Graduate)

Junior VB.NET Application Developer (ASP.NET, SQL, Graduate...
To send to more than one email address, simply separate each address with a comma.