Adobe Reader Found to be Poked Full of Security Holes

When the Internet came to pass back in the 1980’s, there was no way that people could imagine how powerful it would become. Yet, here consumers are thirty years later and most folks would not be able to function without a link to the world wide web. As this marvellous invention has grown to unforeseen heights, so has another segment of the population. This one, though, is anything but friendly. They are hackers, a group devoted to causing chaos on the Internet by exploiting security flaws in numerous computer programs.

These people have poked many a hole in the software of Bill Gates (Windows) and most of the other high profile operating systems, but one that is not usually heard from is Adobe and its famed reader. That ended this week though, when two developers that work with the Google Security team turned up some alarming finds that they decided to publish.

According to an article posted on, Mateusz Jurczyk and Gynvael Coldwind did testing on two segments of Adobe. They started out doing work with the plugin for Google Chrome, which led to the finding of some fifty vulnerabilities that could have been exploited by hackers. They ranged in severity from minor things to ones that could have been used to take over an affected computer. Perhaps because Chrome is a Google latest and greatest, most of those were resolved with patches from Adobe.

The two developers decided to keep at it, next examining Adobe Reader for Windows, Linux, and OSX. Not surprisingly, the same vulnerabilities were spotted in these versions. However, additional discoveries also were unearthed, leaving products that had over sixty security holes that were in need of immediate repair. Again, some of these security breaches were so severe that hackers could have used them to run code on an unsuspecting workstation. Once the two had come up with a defined list, they forwarded it on to Adobe, in hopes that they would remedy the situation.

One would have thought that this would be the end of this, with Adobe creating and distributing fixes to close these security flaws. In some cases, this did happen, as a number of the Windows and OSX loopholes were closed up. What is shocking to anyone that views or uses PDF files is that not everything was fixed! 16 out of the 60 security holes still remain on the Windows and OSX side. Users of the LINUX platform should prepare for an even bigger shock.

None of the LINUX security problems were patched, according to the two engineers. That means that any LINUX user that works with PDF files could be taking their computer security into their own hands. Each time they open a file of that nature, it could give a hacker the ability to take over the system and do what they like. For such a prominent name as Adobe, one would have expected a much quicker response to a security flaw such as this. It will be fascinating to see how this might affect their bottom line in quarters three and four of 2012.