All the latest UK technology news, reviews and analysis

Adobe toiling on patch for zero-day flaw in Reader and Acrobat

20 Feb 2013
Adobe headquarters in San Jose

Adobe has confirmed that it is working to patch the zero-day exploit found in its Reader and Acrobat software.

Earlier, security researches had warned of an exploit in the programs which could lead to hackers taking control of affected systems. Adobe reported that a fix for the issue should come sometime during the week of 18 February.

Adobe says that it is working on a patch for the programs on Windows, Mac, and Linux platforms, correcting flaws in Acrobat and Reader software versions nine to 9.5.3.

Until the issue is corrected Adobe recommended that administrators enable Protect View within the program's registry. Protect View is a feature that prevents documents from performing any actions that could put users at risk.

"Enterprise administrators can protect Windows users across their organisation by enabling Protected View in the registry and propagating that setting via GPO or any other method," Adobe said in a statement on the exploit.

The workaround will only work with Windows systems. Protect View currently isn't available on Mac and Linux versions of the software.

To be put at risk of attack users would have to open a PDF carrying the malware using the programs in question. Once opened the hack may not cause any noticeable suspicious activity.

According to Sophos head of technology in Asia Pacific, Paul Ducklin, the exploit works by using a decoy document technique to spread malware.

"The exploit doesn't just take over Reader and use it to inject malware onto your PC, but also reloads Reader with a clean PDF that looks safe and behaves innocently, largely because it is innocent," wrote Ducklin in a blog post.

For Adobe, the news comes following the release of a patch which corrected a similar issue in the Flash platform. Earlier this month, Flash suffered at the hands of a similar zero-day exploit.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club,, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Privacy
What do you think?
blog comments powered by Disqus

Tech gifts for Christmas 2014

Is a new tablet on your wish list this festive season, or have they become yesterday’s fad?

Popular Threads

Powered by Disqus
iPhone 6 is available in silver gold and space grey

iPhone 6 video review

The best iOS handset to date

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

1st Line Support Analyst - Temp

1st line support analyst required for a leading financial...

System on Chip (SoC) Development Technical Lead, Stafford, 45,000

System on Chip (SoC) Development Lead Engineer, Stafford...

Electronics Design Engineer, Redditch, 25,000-35,000

Electronics Design Engineer, Redditch, £25,000-£35,000...

Electronics Design Engineer, Nottingham, 40,000

Electronics Design Engineer, Nottingham, £40,000 I...
To send to more than one email address, simply separate each address with a comma.