- Adobe Reader 8.1 and earlier
- Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier
- Adobe Reader 7.0.9 and earlier
- Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and earlier
Microsoft Windows XP and Server 2003 systems with Internet Explorer 7 contain a vulnerability that could allow an attacker to take control of your computer by convincing you to open a malicious PDF document. Public reports indicate that this vulnerability is being actively exploited.
Apply an update
Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to address this issue. Please see Adobe Security Bulletin APSB07-18 for details.
Microsoft Windows XP and Server 2003 systems with Internet Explorer 7 installed contain a vulnerability in the way Windows determines the appropriate program to handle data specified in a Uniform Resource Identifier (URI). An attacker can exploit this vulnerability by convincing you to open a specially crafted PDF document. The attacker could gain access your computer, install and run malicious software on your computer, or cause it to crash.
- Adobe Security Bulletin APSB07-18 - <http://www.adobe.com/support/security/bulletins/apsb07-18.htm>
- Microsoft Security Advisory (943521) - <http://www.microsoft.com/technet/security/advisory/943521.mspx>
- US-CERT Vulnerability Note VU#403150 - <http://www.kb.cert.org/vuls/id/403150>
- US-CERT Technical Alert TA07-297B - <http://www.us-cert.gov/cas/techalerts/TA07-297B.html>
October 24, 2007: Initial release