Adobe confirms zero-day exploit in Acrobat

Adobe Acrobat 9
Adobe Acrobat 9

Adobe has admitted that it has a 'zero-day' vulnerability in Adobe Reader 9 and Acrobat 9 that could be used by cybercriminals to gain access to people's computers.

Using malformed PDFs is a hugely common method for hackers to force open a backdoor into PCs, but it had been believed that running updated versions of Acrobat would stop the problem.

However, Adobe has confirmed that there is a serious problem with its latest PDF readers as well as its predecessors, but will not be issuing a patch until 11 March.

Updates

"Adobe is planning to release updates to Adobe Reader and Acrobat to resolve the relevant security issue. Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by 11 March, 2009," said Adobe's release.

"Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow.

"In the meantime, Adobe is in contact with anti-virus vendors, including McAfee and Symantec, on this issue in order to ensure the security of our mutual customers."

Backdoor

Sophos' Graham Cluely has blogged on the problem, explaining: "The risk is that hackers could deliberately construct a malformed PDF file that would trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer.

"This would mean that criminals could, for instance, spam out a PDF file that would infect your PC, or plant malicious PDF content on a website.

"As PDF files are so widely used on the internet, and regularly exchanged to share information, there is an obvious concern that hackers may be quick to take advantage of this vulnerability."

TOPICS
Patrick Goss

Patrick Goss is the ex-Editor in Chief of TechRadar. Patrick was a passionate and experienced journalist, and he has been lucky enough to work on some of the finest online properties on the planet, building audiences everywhere and establishing himself at the forefront of digital content.  After a long stint as the boss at TechRadar, Patrick has now moved on to a role with Apple, where he is the Managing Editor for the App Store in the UK.

Latest in Creative Software
Photoshop CC logo on a screen
How to make an image background transparent in Photoshop
Adobe Photoshop
Adobe's Photoshop and Lightroom photo plans get a huge price hike, but there's a way to avoid it
Screenshot showing the adjustment brush in Adobe Photoshop
Adobe Photoshop CC (2024) review: the best photo editor gets even better
Adobe Creative Cloud apps on orange background and price cut sign
Adobe Creative Cloud is 65% off for students - just in time for back to school
Adobe Lightroom Generative Remove tool
Adobe Lightroom's new Generative Remove AI tool makes Content-aware Fill feel basic – and gives you one less reason to use Photoshop
Final Cut Pro update on iPad and Mac
Apple's new Final Cut Pro apps turn the iPad into an impressive live multicam studio
Latest in News
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about Avengers: Doomsday's cast on YouTube, and I think it's going to be a long-winded reveal
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch