In a post to its product security blog, the company said it was investigating reports of a serious flaw in Adobe Reader. While initial reports only stated that a flaw had been found in the Linux version of Adobe Reader, the company updated the post on Tuesday to include Windows and Mac OS X versions as well.
"Adobe plans to provide updates for all affected versions for all platforms — Windows, Macintosh and Unix — to resolve this issue," the company stated on its blog. "We are working on a development schedule for these updates and will post a timeline as soon as possible. We are currently not aware of any reports of exploits in the wild for this issue."
The warnings appear similar to those that forced Adobe to issue a security advisory in February, and a patch the following month, urging users to beware of Reader attacks. Because of their ubiquity, Adobe's Acrobat and Flash software have become popular targets of security researchers, who try to find vulnerabilities to help secure software, and online criminals, who try to exploit the vulnerabilities. The repeated vulnerabilities and the lure of such a large user base have caused at least one security company, F-Secure, to recommend that people use alternate applications.
The vulnerability in Adobe Reader was first disclosed through SecurityFocus's Bugtraq database.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos