Adobe Acrobat Reader is as close to ubiquitous as it comes. Most new Windows-based computers come with installed and many websites offer up documents in PDF format.
That makes Acrobat Reader a juicy target for hackers and a critical vulnerability has been discovered in Acrobat Reader versions 9 and earlier that could expose users to serious risk.
The vulnerability could be used to crash Acrobat Reader using what’s called a ‘buffer overflow‘ and these are the one of the worst kinds because they often give a hacker could take over a user’s computer entirely. That’s the case here.
Adobe says it will have a patch for Acrobat Reader 9 by March 11. Patches for earlier versions will follow.
Given how widely-used PDFs are, hopefully Adobe’s cooperation with anti-virus vendors will prevent a nightmare scenario from unfolding. As InfoWorld notes, this will probably lead to an increase in malicious PDFs.
Functionality and ubiquity always have their price.