Adobe Acrobat Reader is as close to ubiquitous as it comes. Most new Windows-based computers come with installed and many websites offer up documents in PDF format.

That makes Acrobat Reader a juicy target for hackers and a critical vulnerability has been discovered in Acrobat Reader versions 9 and earlier that could expose users to serious risk.

There are reports that exploits are already making the rounds and if these are accurate, which they appear to be, look out.

The vulnerability could be used to crash Acrobat Reader using what's called a 'buffer overflow' and these are the one of the worst kinds because they often give a hacker could take over a user's computer entirely. That's the case here.

Adobe says it will have a patch for Acrobat Reader 9 by March 11. Patches for earlier versions will follow.

Given how widely-used PDFs are, hopefully Adobe's cooperation with anti-virus vendors will prevent a nightmare scenario from unfolding. As InfoWorld notes, this will probably lead to an increase in malicious PDFs.

Functionality and ubiquity always have their price.

Patricio Robles

Published 20 February, 2009 by Patricio Robles

Patricio Robles is a tech reporter at Econsultancy. Follow him on Twitter.

2642 more posts from this author

You might be interested in

Comments (3)


Project Management Procedures

Can anyone confirm (or can anyone post a reference) that Acrobat version 6 is, or is not, affected by this exploit or has this vulnerability? Is there any example code available for vulnerability testing?

almost 9 years ago


commercial locksmiths, locksmith at locksmith

I receive an error when I try to open old version acrobat file with newer versions.

over 8 years ago


Halvar Gravråkmo

Haha, I installed Acrobat Reader 10 (automatically), but it turned out it's not compatible with my editor Texniccenter. I tried to fix it once but it didn't work so I uninstalled it and installed an older version of Acrobat, now it works perfectly.

But I was not able to work for a couple of hours. Those automatic upddates sure wastes a lot of time by all trouble it causes. It must be a very huge sum of wasted hours of peoples lives.

Also, there is no guarantee that Acrobat Reader 10 is safe, just because it has been discovered the old versions are not perfectly safe. (If you find two socks with holes in your drawer, it doesnt mean you are quaranteed that all the other socks are good)

Sugestion nr 1. If you dont need an upgrade, dont upgrade, it often costs you more trouble than it saves, that's my experience, and the recomandations of the professionals, except those professionals selling software. And turn off automatic updates for most software.

about 7 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.