Adobe Closes Zero-day Hole in Reader, Acrobat

ByABC News

March 11, 2009, 7:47 PM

 -- To ward off attacks reported in February that went after an unpatched, zero-day security hole in Reader and Acrobat, Adobe yesterday released a 9.1 update for Windows and Macintosh users.

The fix is only available for version 9, with an update for older 7 and 8 versions expected by March 18, the company says. Unix users will need to wait until March 25 for an update.

The flaw allows an attacker to take over a vulnerable PC if you open a poisoned .pdf file, usually sent as an e-mail attachment. Pick up version 9.1 asap, and see Adobe's bulletin for more information. Also be aware that, according to the Internet Storm Center, disabling Javascript on older 7 and 8 versions (a suggested workaround from Adobe) while you wait for an update won't protect you. You can still get nailed by an attack against this flaw if you disable Javascript, so your best bet is to update to the latest version.

Video

Live

Shows

Elections

538

Shop

Adobe Closes Zero-day Hole in Reader, Acrobat

Top Stories

Woman uses self-checkout to steal $60,000 of items from same Target store over a year

Exclusive: Mom speaks out after Air Force rescued son from cruise ship

3 big takeaways from Day 15 of Trump's hush money trial

Trump heading to Jersey Shore to rally 'mega crowd' in break from hush money trial

Eurovision Song Contest final kicks off after protests, backstage chaos and a contestant's expulsion

ABC News Live