Adobe has acknowledged that recent versions of Reader and Acrobat contain unpatched bugs that could allow attackers to take over Windows systems via Internet Explorer.
The bugs were discovered by security company FrSIRT and reported to Adobe a week ago, Adobe said in an advisory this week. Both FrSIRT and Adobe classified the bugs as "critical", since they could be exploited simply by luring an Internet Explorer user to a malicious website.
The bugs affect Adobe Reader 7.0.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0.0 through 7.0.8 on Windows. More specifically, the bugs affect the AcroPDF ActiveX control, AcroPDF.dll, which Internet Explorer loads to render PDF files inside the browser. Internet Explorer is the only browser that runs ActiveX controls, so other browsers aren't affected. Acrobat 8 is also unaffected. Adobe's recommended workaround is to delete the AcroPDF.dll file, as outlined in its advisory.
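To find which Windows machines still carry an affected control, the following PowerShell script is an added example (not code from the article or from Adobe): it looks for AcroPDF.dll under the Adobe directories in Program Files and compares the file version against the 7.0.0 to 7.0.8 range given above. The search locations and the use of the file's major.minor.build fields are assumptions; run it as an administrator on each host, then apply Adobe's workaround wherever it reports AFFECTED.

```powershell
# Added example, not from the article or Adobe's advisory. Scans the usual
# Adobe install directories for AcroPDF.dll and reports whether its file
# version is inside the 7.0.0-7.0.8 range the article gives. The search roots
# and the decision to compare only major.minor.build are assumptions.
$AffectedMin = [version]'7.0.0'
$AffectedMax = [version]'7.0.8'

function Test-AffectedAcroPdf {
    # Returns $true when a major.minor.build version lies inside the affected range.
    param([Parameter(Mandatory)][version]$Version)
    $v = [version]::new($Version.Major, $Version.Minor, [math]::Max($Version.Build, 0))
    return ($v -ge $AffectedMin -and $v -le $AffectedMax)
}

# Assumed locations: <Program Files>\Adobe and <Program Files (x86)>\Adobe.
# The (x86) variable is empty on 32-bit Windows, so drop empty entries first.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Join-Path $_ 'Adobe' } |
    Where-Object { Test-Path $_ }

$dlls = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Filter 'AcroPDF.dll' -Recurse -File -ErrorAction SilentlyContinue
}

if (-not $dlls) {
    Write-Output 'AcroPDF.dll not found under Program Files: the control is not installed or has already been removed.'
}

foreach ($dll in $dlls) {
    $fi = $dll.VersionInfo
    # Build the version from the numeric fields rather than parsing FileVersion,
    # which vendors sometimes pad with dates or text after the third component.
    $ver = [version]::new($fi.FileMajorPart, $fi.FileMinorPart, $fi.FileBuildPart)
    $state = if (Test-AffectedAcroPdf $ver) { 'AFFECTED' } else { 'not in affected range' }
    Write-Output ("{0}`t{1}`t{2}" -f $dll.FullName, $ver, $state)
}
```

A result of AFFECTED means the host should have the file deleted per Adobe's workaround (or the patch applied once it ships); Acrobat 8 installs report as outside the range, matching the advisory. Because the check keys on the file on disk, a copy of the DLL left in a non-standard directory but still registered with the system would be missed, so treat a clean result as a strong hint rather than proof.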
FrSIRT says the bugs are memory corruption errors in AcroPDF.dll that are triggered when malformed arguments are passed to the control's "setPageMode()", "setLayoutMode()", "setNamedDest()" and "LoadFile()" methods. Adobe says it is working on a fix, which it hopes to publish in the near future.