Software publisher Adobe Systems has updated its SVG Viewer software to patch several recently discovered security holes. SVG Viewer works as a plug-in for popular Web browsers to allow them to display images created in the Scalable Vector Graphics (SVG) format, an open standard for animated graphics recentlyand backed by Adobe as an alternative to Macromedia's dominant Flash format.
The most serious of the vulnerabilities, discovered by Israeli security company GreyMagic Software, could allow a malicious user to remotely read files on a PC by redirecting Web links embedded in SVG files. A more complicated hack could allow an attacker to remotely take over a vulnerable PC. There are no known exploits of the flaws. Details of the risks and links to an updated version of the software that patches the holes are posted on Adobe's SVG Viewer site.