Adobe declared about a new discovery of a security flaw that could give attackers control over compromised systems. They have warned their users about its root cause.

The vulnerability affects the ActiveX components for versions 7.0.0 through 7.0.8 of both its Reader and Acrobat applications.

This vulnerability can be exploited when a user views a specially-crafted web page with Internet Explorer. Once the exploit has been executed, an attacker would have the ability to remotely install and execute malware.

The vulnerability was originally reported by French security research firm FrSIRT. Both FrSIRT and Adobe rate the vulnerability as “critical” and this is a highest alert level for both organisations.

According to Adobe, the threat can be neutralised by deleting the AcroPDF.dll ActiveX file. This will disable the ability to view PDF files within Internet Explorer, however. Other browsers and non-Windows operating systems are not affected by this vulnerability.

Popularity: 2%