Adobe Systems, the makers of the popular Adobe Acrobat, is warning today of a security hole in both its Adobe Reader and Adobe Acrobat PDF viewer software. Adobe Reader is a widely distributed and used free software program for viewing PDF files.

According to the Adobe Web site, “The vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes.”

The site then goes on to say that the attacker would need to know the filename and full directory path in order to take advantage of the security hole, but still, anyone using either Adobe Acrobat or Reader should update them immediately…

[Continue reading Security Hole In PDF Reader & Acrobat PDF Viewer, Warns Adobe]