A security vulnerability has been discovered in Adobe's Acrobat document reader that could leave users open to cyber attacks.
Adobe today confirmed the problem and said that although it has no reports of affected customers it has posted patches on its website that correct the flaw. Acrobat is free to download and lets users read PDF format documents.
The security hole can be exploited by a malicious user who could create a PDF file that, when viewed in Acrobat on Windows, would cause Acrobat to crash or to run arbitrary code on a PC.
Last month Microsoft admitted that its Outlook messaging software is vulnerable to similar problems, which could be exploited to allow an attacker to cause an email client to either crash or run malicious code.
In a security alert sent out to its customers today, antivirus company Panda said that until now, PDF was considered to be a safe format that posed no risk to users.
"The vulnerability makes it possible to include malicious code within a PDF file," said Panda. "This code, which could be a virus, worm or a Trojan Horse, would be executed as soon as the PDF document was opened."
The problem highlights the need to maintain servers as "clean environments" that house only strictly necessary software, said Panda. "Applications such as Adobe Acrobat, Microsoft Word, Access, Excel, for example, should therefore be removed from server machines," it added.
"If an administrator needs to consult a document, he/she should do so on his/her own workstation, and never on the server, as this would expose the server and consequently the entire network to the effects of viruses and other forms of malicious code."
More information is available at www.adobe.com/misc/pdfsecurity.html
Engineer calculates that Chengdu's plan to replace streetlights with artificial moonlight would cost $100bn
Dark matter holds the Universe together - and gravitational waves could help identify it
Addison Lee is working on autonomous taxis for commuting and pleasure
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing