Adobe Confirms PDF Vulnerability, Offers a Workaround
More than two weeks ago we warned Windows users about a leak in Adobe Acrobat/Reader PDF documents with a high security risk. The flaw could allow hackers to use a malicious code added to PDF documents to take control of Window XP computers with Internet Explorer 7 installed.
In a securty advisory Adobe confirmed the vulnerability and promised to launch a comprehensive fix till the end of October 2007. Until then Adobe recommends users to use a workaround to avoid hack attacks.
The workaround involves disabling the mailto: option in Acrobat, Acrobat 3D 8 and Adobe Reader by modifying the application options in the Windows registry.
In its advisory, Adobe provided step-by-step instructions for manual editing of the registry but Windows users should be aware that careless registry editing can cause serious problems.