Security flaw found in Adobe Reader

The Adobe Reader, used to read PDF documents, has been found to have security flaws.  Malicious executables can be embedded in PDF files and launched with little user interaction.  This flaw currently is being exploited by malware used by identity thieves.

PDF files are widely used for documents, from user manuals, to invoices that are electronically sent.

Currently, the solution is to turn off this feature in Adobe Reader.  You can turn off this functionality in the Adobe Reader and Adobe Acrobat Preferences by selecting Edit -> Preferences -> Categories -> Trust Manager -> PDF File Attachments, and clearing (unchecking) the box “Allow opening of non-PDF file attachments with external applications”.  Doing this will prevent any file type other than PDF attachments to launch.

Adobe is still investigating and may fix this flaw, and release the fix in an upcoming security patch.

Leave a Reply