Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Adobe PDF Flaw Only Affects XP, IE7, Company Confirms

By Scott M. Fulton, III, BetaNews

October 10, 2007, 6:23 PM

A Reuters story that made the rounds this afternoon picked up on information first reported by BetaNews three weeks ago, regarding a vulnerability in PDF files rendered in Adobe Acrobat and Adobe Reader.

But Reuters' reluctance to mention Windows until paragraph 10 on panel #2 may have been partly responsible today for some security sites reporting that the vulnerability affects Linux and Solaris users as well.

While Reuters stated Adobe officials were not immediately available for comment, they did make themselves readily available to BetaNews. Spokesperson John Cristofano researched our inquiry and reported back to us that the vulnerability affects only Windows XP users with Internet Explorer 7 installed.

GNUCitizen.org researcher Petko D. Petkov is credited with having discovered the vulnerability, and with having disclosed its dynamics to Adobe prior to any public disclosure. His original headline for the discovery was "0day: PDF Pwns Windows," making it clear the problem did not impact any Linux or UNIX distribution.

One clue to the fact that the problem is Windows-centric might have been ascertained by studying Adobe's posted solution, which involves a Windows System Registry hack.

Add a Comment (10 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By Seeker of Truth

edited Oct 28, 2007 - 1:34 PM

Of how the unhappy comments for the new Windows Vista,and now this report of the Adobe program having,it is now to say that more Vulnerabilties,are now being revealed before the Vista takes over from using XP? Now the real question is how safe will the Vista be,if the Ie7 have a weakness,so like an Dominio effect what other programs can be affected. That should raise some flags,even in the commerical community.It bad enough of the hackers out there now. But between the two systems which one would be the least protected,the older or the new?

Score: 0

By philosopher_dog

posted Oct 12, 2007 - 12:00 AM

What versions of Adobe Acrobat are affected? Now that we have some news that it's xp, and IE7, we're still missing vital info. Does anyone even know this info?

Score: 0

By ingram091

edited Oct 11, 2007 - 4:36 PM

Again another reason for NOT wanting to have IE in your machine if your not using it. I really want MS to allow for a complete and total uninstall of IE on XP or Vista. As they do in Windows 2000. THE EU has required that ability for years now, but MS is still hesitant to comply. I really wish I knew why? If you HACK it out in Vista it cripples your machine. IF you hack it out in XP, you will get random errors that you have to ignore, but it does work...

Score: 0

By Program86

posted Oct 11, 2007 - 3:24 PM

Its good to be on the green side of the fence...

Score: 0

By lonechicken

posted Oct 11, 2007 - 9:41 AM

Exactly what the hell has been going on with Acrobat since 6.0 that's caused Adobe to constantly update it? Last few years, it's like every time I download a new PDF, I either get a message about needing to update to read it, or the update dialog box comes up anyway. And a lot of times, that dialog box just hides behind other windows (with no presence on the task bar) and I'm wondering why my browser seems frozen. And in the end, it's just another document that doesn't seem any more special than how PDFs looked since 4.x.

Score: 0

By ingram091

posted Oct 11, 2007 - 10:47 PM

I use Acrobat 5.0 zero problems... Reads everything. if it pops up saying there is a newer version ignore it and open the file. it opens with no problem. Least for me... I just gave up on adobe when the last reader took a good min and a half to open in comparison to Acrobat 5.0

Just dont think all their DRM is worth the slow loading times...

Score: 0

By Jordanr05

posted Oct 11, 2007 - 12:15 PM

Couldn't agree with you more.

Score: 0

By ZenWarrior

posted Oct 11, 2007 - 9:12 AM

Whew! Had me worried there for a while, but it's good to now hear the problem affects only 90% of the world's PCs and not all of them.

(Ditto on Foxit Reader.)

Score: 0

By Blackjetta

posted Oct 11, 2007 - 5:07 PM

Very Good ZenWarrior :>)

Score: 0

By DigitAl56K

posted Oct 11, 2007 - 2:30 AM

Save yourself the hassle and install Foxit Reader. The reader is free, it's not as big as a target for exploits as Adobe Reader, it doesn't lock your browser while it loads a pdf, and it doesn't redraw the page a billion times when you scroll.

Score: 0

Oct 11 - 11:16 AM ET Things left unsaid, in a recent interview with Sony's CEO

Oct 11 - 11:03 AM ET EU regulations block Italian ISPs from blocking Pirate Bay

Oct 11 - 10:55 AM ET Making it to Apple's App Store by staying out of court

Oct 10 - 7:43 PM ET Wal-Mart changes its mind, leaves existing DRM servers up

Oct 10 - 7:05 PM ET Hands on: An amateur photographer tests out Adobe's latest Lightroom

Oct 10 - 6:52 PM ET Mobile service providers brace for the economic storm

Oct 10 - 6:24 PM ET Apple warns users about bad Nvidia graphics chips

Oct 10 - 4:21 PM ET New Norton Vista tool trades UAC for online feedback

Oct 10 - 3:23 PM ET Verizon Wireless to raise fees for service-related texts

Oct 10 - 3:04 PM ET BlackBerry Bold sales halted in UK