Galaxy Z Flip 4 Preorder Quest 2: Still the Best Student Internet Discounts Best 55-Inch TV Galaxy Z Fold 4 Preorder Nintendo Switch OLED Review Foldable iPhone? 41% Off 43-Inch Amazon Fire TV
Want CNET to notify you of price drops and the latest stories?
No, thank you

Adobe tackles risky holes in Acrobat, Reader

Software maker issues "highly critical" updates for Reader, Acrobat versions to fix flaws that could allow PC hijacks.

Adobe Systems has issued updates to fix security flaws in its Reader and Acrobat software that could allow an attacker to remotely commandeer a computer.

The vulnerabilities affect Adobe Reader and Adobe Acrobat Standard, Professional and Elements versions 7.0.8 and earlier, as well as Adobe Acrobat 3D, Adobe said in its advisory. Secunia rated the Reader flaw as "highly critical."

The version 7.0.9 updates issued Tuesday are designed to address holes that could allow outsiders to gain access to hard-disk drives via a malicious link that targets PDF files on vulnerable computers.

The attackers could then take the compromised system and read and delete files, execute programs and forward information from the computer.

Adobe recommends that Reader users upgrade to Reader 8, the most recent major version, to fix the problem. Those whose computer systems are not compatible, or who do not want to move to version 8 can install Tuesday's 7.0.9 version instead.

That means people will have to do a full installation of a software version to protect their computers. Typically, companies will provide a patch to fix security holes--a less time-consuming process--but Adobe has not done that in this case.

The 7.0.9 update is slightly larger than a patch, an Adobe representative said. The company was already working on the update when it added the security features, so Adobe was able to get out a full installation faster than it would for just a patch, the representative added.