Core security Technologies advised millions of individuals and business firms around the world who use Adobe Reader PDF file viewing software, which is unprotected and open to attack. The professionals of Core labs have discovered that Adobe reader can be used to obtain access to the systems with the help of a particularly crafted PDF file which contains malicious JavaScript. Core labs immediately warned Adobe to the vulnerability after discovering it. Since then the two companies are putting efforts and are coordinating efforts to create a patch and protect users of the program.

This problem was discovered by Damian frizza, a Core Labs engineer and researcher along with the CORE IMPACT Exploit writer’s team. The previous problem of adobe (CVE-2008-1104) which is mentioned in this report was discovered by Foxit Reader by Dyon Balding from Secunia Research.

The attackers can successfully exploit the systems only when that user opens that particularly created malicious PDF file, which can allow attackers to get access to the systems which are open to attack. It would cause a huge damage to the user who runs Acrobat reader. It is reported that Adobe Reader version 9, which was released earlier this year is not vulnerable to the problem.

A security update has been released by Adobe that protects the version 8.1.2 of reader which is prone to attack and users of effected versions can also solve this problem and reduce their loss by deactivating JavaScript functionally in the software's Edit/Preferences menu.