Adobe Reader users could fall prey to PDFs loaded with malware warns Adobe
Adobe is working on a permanent security fix for its Adobe Reader software after a security researcher demonstrated how users could be attacked with PDF documents loaded with malware.
The attacks use the "launch" functionality of the Adobe Reader/PDF technology, with the attacker able to bypass the security warnings given to users when they choose to open PDF documents from unknown sources.
"This is a good example of powerful functionality relied upon by some users that also carries potential risks when used incorrectly by others," said Adobe in a blog on the threat.
"The warning message provided in Adobe Reader and Acrobat includes strong wording advising users to only open and execute the file if it comes from a trusted source. The default option within the dialog box is to not execute," it said.
Adobe has offered workarounds to mitigate the risk of attacks while it works on a full fix.