KEY POINTS:
BOSTON - Adobe Systems whose software is used by millions of people to read documents sent over the internet, said some of its programs contain a flaw that makes personal computers vulnerable to attack.
In a posting on its website, Adobe said the "critical" flaw is incorporated into versions of Adobe Reader and Acrobat software, and could allow malicious programs to get on to a PC without the user knowing about it.
Such programs can take control of a machine and steal confidential data, send out tens of thousands of spam emails, or infiltrate government computer systems.
Adobe said it is working on software that will rectify the problem but that it might not be available until the end of October. That may not be fast enough to stop determined hackers, some experts say.
"Users should pressure Adobe to release a patch sooner than that," said Gadi Evron, a security expert at Beyond Security. He has organised three closed-door international conferences on efforts by governments and private companies to fight computer attacks.
Adobe's software has rarely had flaws that have made it the target of hackers, so its users tend to let their guard down when opening potentially dangerous documents, Evron said.
Recent examples of software flaws have corrupted eBays Skype internet telephone service and Time Warner AOL instant messaging software. Hackers sometimes hide malicious software inside MicrosoftWord documents and photo files, hobbling computers when users open them.
Officials with Adobe weren't immediately available for comment.
The flaw was brought to Adobe's attention by a report on the internet, the company said on its website.
Until the problem is fixed, Adobe has posted instructions for how to work around the problem on its website. It involves changing settings in a database that controls the way Microsoft Windows operates.
Adobe said that PC users unable to program that database may need to wait until the software itself is fixed. The company said it will notify users of the fix on its website.
"In the meantime, Adobe recommends that Acrobat and Reader customers use caution when receiving unsolicited email communications requesting user action, such as opening attachments or clicking web links," the posting said.
It is available here.
- REUTERS
