All the latest UK technology news, reviews and analysis

Adobe toiling on patch for zero-day flaw in Reader and Acrobat

20 Feb 2013
Adobe headquarters in San Jose

Adobe has confirmed that it is working to patch the zero-day exploit found in its Reader and Acrobat software.

Earlier, security researches had warned of an exploit in the programs which could lead to hackers taking control of affected systems. Adobe reported that a fix for the issue should come sometime during the week of 18 February.

Adobe says that it is working on a patch for the programs on Windows, Mac, and Linux platforms, correcting flaws in Acrobat and Reader software versions nine to 9.5.3.

Until the issue is corrected Adobe recommended that administrators enable Protect View within the program's registry. Protect View is a feature that prevents documents from performing any actions that could put users at risk.

"Enterprise administrators can protect Windows users across their organisation by enabling Protected View in the registry and propagating that setting via GPO or any other method," Adobe said in a statement on the exploit.

The workaround will only work with Windows systems. Protect View currently isn't available on Mac and Linux versions of the software.

To be put at risk of attack users would have to open a PDF carrying the malware using the programs in question. Once opened the hack may not cause any noticeable suspicious activity.

According to Sophos head of technology in Asia Pacific, Paul Ducklin, the exploit works by using a decoy document technique to spread malware.

"The exploit doesn't just take over Reader and use it to inject malware onto your PC, but also reloads Reader with a clean PDF that looks safe and behaves innocently, largely because it is innocent," wrote Ducklin in a blog post.

For Adobe, the news comes following the release of a patch which corrected a similar issue in the Flash platform. Earlier this month, Flash suffered at the hands of a similar zero-day exploit.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club,, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Privacy
What do you think?
blog comments powered by Disqus

Devices at work poll

Which device do you use most for work?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Software Engineer - Internet Marketing Automation TH-Bangkok

Build the most sophisticated internet marketing system...

Lead Data Scientist - Tel Aviv

Lead Data Scientist - Tel Aviv Please note: We can...

Software Engineer (Bangkok), Java, HTML, .Net, C++, Hadoop

Software Engineer ( Relocate to Bangkok - FULL RELOCATION...

Big Data Engineer - US Dot-com Company (Relocate to Thailand)

Big Data Engineering - US Dot-com Company (Relocate to...
To send to more than one email address, simply separate each address with a comma.