Adobe PDF Flaw Only Affects XP, IE7, Company Confirms

By Scott M. Fulton, III | Published October 10, 2007, 6:23 PM

A Reuters story that made the rounds this afternoon picked up on information first reported by BetaNews three weeks ago, regarding a vulnerability in PDF files rendered in Adobe Acrobat and Adobe Reader.

But Reuters' reluctance to mention Windows until paragraph 10 on panel #2 may have been partly responsible today for some security sites reporting that the vulnerability affects Linux and Solaris users as well.

While Reuters stated Adobe officials were not immediately available for comment, they did make themselves readily available to BetaNews. Spokesperson John Cristofano researched our inquiry and reported back to us that the vulnerability affects only Windows XP users with Internet Explorer 7 installed.

GNUCitizen.org researcher Petko D. Petkov is credited with having discovered the vulnerability, and with having disclosed its dynamics to Adobe prior to any public disclosure. His original headline for the discovery was "0day: PDF Pwns Windows," making it clear the problem did not impact any Linux or UNIX distribution.

One clue that the problem is Windows-centric could have been found by studying Adobe's posted solution, which involves a Windows System Registry hack.

Comments

What versions of Adobe Acrobat are affected? Now that we have some news that it's XP, and IE7, we're still missing vital info. Does anyone even know this info?

Score: 0

Again another reason for NOT wanting to have IE in your machine if you're not using it. I really want MS to allow for a complete and total uninstall of IE on XP or Vista. As they do in Windows 2000. The EU has required that ability for years now, but MS is still hesitant to comply. I really wish I knew why? If you HACK it out in Vista it cripples your machine. If you hack it out in XP, you will get random errors that you have to ignore, but it does work...

Score: 0

It's good to be on the green side of the fence...

Score: 0

Exactly what the hell has been going on with Acrobat since 6.0 that's caused Adobe to constantly update it? Last few years, it's like every time I download a new PDF, I either get a message about needing to update to read it, or the update dialog box comes up anyway. And a lot of times, that dialog box just hides behind other windows (with no presence on the task bar) and I'm wondering why my browser seems frozen. And in the end, it's just another document that doesn't seem any more special than how PDFs looked since 4.x.

Score: 0

Couldn't agree with you more.

Score: 0

I use Acrobat 5.0, zero problems... Reads everything. If it pops up saying there is a newer version, ignore it and open the file. It opens with no problem. Least for me... I just gave up on Adobe when the last reader took a good min and a half to open in comparison to Acrobat 5.0

Just don't think all their DRM is worth the slow loading times...

Score: 0

Whew! Had me worried there for a while, but it's good to now hear the problem affects only 90% of the world's PCs and not all of them.

(Ditto on Foxit Reader.)

Score: 0

Very Good ZenWarrior :>)

Score: 0

Save yourself the hassle and install Foxit Reader. The reader is free, it's not as big as a target for exploits as Adobe Reader, it doesn't lock your browser while it loads a pdf, and it doesn't redraw the page a billion times when you scroll.

Score: 0
