Hi All, A critical security vulnerability in an ActiveX control used by Internet Explorer could allow malicious hackers to use Adobes Reader and Acrobat software to launch PC hijack attacks, according to a warning from Adobe Systems.
The San Jose, Calif., company released an advisory with pre-patch workarounds and warned that multiple unpatched flaws could cause software crashes and "potentially allow an attacker to take control of the affected system." Affected software includes Adobe Reader 7.0.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0.0 through 7.0.8 on the Windows platform. The bugs are only triggered when using Internet Explorer. Users of other browsers are not affected. Adobe said it is working on a comprehensive patch that will ship "soon" and stressed than an upcoming upgrade to the widely used Adobe Reader program is not vulnerable to this issue. Temporary workaround: Adobe suggests that affected users apply the following workaround: * Browse to :\Program Files\Adobe\Acrobat 7.0\ActiveX. Note: If you did not install Acrobat to the default location, browse to the location of your Acrobat 7.0 folder. * Select AcroPDF.dll and delete it. The workaround will prevent PDF documents from opening within an Internet Explorer window. After applying the workaround, clicking on PDF files within Internet Explorer will either open the files in a separate instance of Adobe Reader or prompt the user to download the file, which can then be opened in Adobe Reader. The company warned that the workaround may disrupt some enterprise workflows and use of PDF fo -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
