Adobe has confirmed the exploit in Acrobat Reader that we mentioned last month. A new advisory on the Adobe site admits the problem, but so far the company hasn't released a fix for Windows XP users.
As a stopgap measure Adobe has posted instructions for a workaround, but it involves editing your registry files, something we don't normally recommend since you can do serious damage to your system if you make a mistake.
However, in this case, Adobe Reader users might want to consider editing the registry, especially if you have to open a lot of untrusted PDF files. See Adobe's instructions for more details.
The vulnerability, which exploits a protocol-handling bug, was first reported last month by a hacker named Petko Petkov. Adobe says the affected systems include Adobe Reader 8.1 and earlier versions, Adobe Acrobat Standard, Professional and Elements 8.1 and earlier versions as well as Adobe Acrobat 3D.
The exploit only works on Windows XP, Vista users are not affected.
[via Computer World]
See Also:
