We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,994 News Articles

Adobe releases patches for Acrobat and Reader

XXE vulnerability plugged

Adobe Systems has rolled out patches for security vulnerabilities found in Adobe Reader 7.0 and 7.0.1, and Acrobat 7.0 and 7.0.1.

The hole in the products, referred to as an XXE (XML external entity) vulnerability, can allow XML scripts to be used to discover a user's local files. An attacker could then maliciously use the gathered information.

Adobe pointed out that local files could be found only if the attacker knows the complete file names and paths in advance of such an attack.

The vulnerability impacts Acrobat and Reader products running on both Windows and Mac platforms.

According to Adobe, Windows customers who use Reader and Acrobat should download the updates provided on its website at www.adobe.com/support/downloads.

The company said it will release an update for Mac OS versions shortly. Until this patch is available, Adobe advises end-users to disable any Acrobat JavaScript. This should protect their systems from the vulnerability.

IDG UK Sites

45 Best Android games: top Android games for your smartphone or tablet in 2014 (24 are free!)

IDG UK Sites

How Apple, Adobe, Microsoft and others have let us down over UltraHD and hiDPI screens

IDG UK Sites

Do you have the X-Factor too? Mix Off app puts fans in the frame

IDG UK Sites

iPad Pro release date, rumours and leaked images - 12.9 screen 'coming in 2015'