[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 5 January 2007, 13:20 GMT
Security bug found in PDF reader
Adobe head office, AP
The Reader software is used by millions of people
Web users are being urged to upgrade their Adobe reader software as a security flaw is found in older versions of the program.

Millions of people use the reader software to view documents prepared in the popular PDF format.

Security researchers said malicious hackers exploiting the flaw could view victim's hard drives or use it to make phishing scams look more plausible.

So far there is no evidence that the bug is being exploited in the wild.

The flaw is found in the web browser plug-in of the Adobe Reader software. Ordinarily this allows PDF documents to be viewed in a browser window.

But by exploiting the flaw hi-tech criminals could use links to PDF files stored on any website to attack vulnerable Windows PCs.

Information about the flaw in the Adobe reader software was first revealed at the annual conference of the Chaos Computer Club - a venerable German hacker group.

Since then security researchers have investigated and found that it could also be used to view files on the hard drive of a vulnerable PC.

Writing about the flaw Symantec security researcher Hon Lau said: "The ease [with] which this weakness can be exploited is breathtaking."

So far no cyber criminals are thought to be actively exploiting the Adobe Reader flaw but code to do so has been produced.

Initially it was thought that only users of the Firefox web browser were at risk but now it is known that Internet Explorer users are vulnerable too.

Upgrading to version 8 of the Adobe Reader software removes the risk of falling victim to the flaw.

Adobe buys Macromedia for $3.4bn
18 Apr 05 |  Business
Tools reveal secret life of documents
03 Jul 03 |  Technology
Flash to the future
12 Dec 06 |  Technology
Security project focuses on Apple
04 Jan 07 |  Technology
Spam surge drives net crime spree
26 Dec 06 |  Technology
Virus writers target web videos
31 Oct 06 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific