Adobe has fixed a security vulnerability in its Reader software that created a mechanism for hackers to commandeer vulnerable systems.
The unspecified heap corruption flaw affects Adobe Reader versions 6.x and 7.x and means users tricked into opening malformed PDF documents might be exposed to malware. Credit for discovering the bug goes to security researcher Piotr Bania.
Users are advised to upgrade to reader version 7.0.9 or upgrade to version 8.0, as explained in an advisory by Adobe here. Updating to Adobe Reader version 8.0 also fixes a variety of other security vulnerabilities discovered last week. ®