We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Adobe releases patches for Acrobat and Reader

XXE vulnerability plugged

Adobe Systems has rolled out patches for security vulnerabilities found in Adobe Reader 7.0 and 7.0.1, and Acrobat 7.0 and 7.0.1.

The hole in the products, referred to as an XXE (XML external entity) vulnerability, can allow XML scripts to be used to discover a user's local files. An attacker could then maliciously use the gathered information.

Adobe pointed out that local files could be found only if the attacker knows the complete file names and paths in advance of such an attack.

The vulnerability impacts Acrobat and Reader products running on both Windows and Mac platforms.

According to Adobe, Windows customers who use Reader and Acrobat should download the updates provided on its website at www.adobe.com/support/downloads.

The company said it will release an update for Mac OS versions shortly. Until this patch is available, Adobe advises end-users to disable any Acrobat JavaScript. This should protect their systems from the vulnerability.


IDG UK Sites

iPhone 6 vs Samsung Galaxy S5 comparison review: Apple takes on Samsung once again in smartphone...

IDG UK Sites

Just another opinion about Apple's new iPhone

IDG UK Sites

Intel Xeon E5 v3 Haswell processors review: we check out the fastest chips on the planet

IDG UK Sites

Apple Watch hands-on review | Apple Watch design, spec, features & UK pricing