Gadgetell | Tech News, Reviews, and Interesting Things

Danish security researchers have discovered that Adobe is offering a badly outdated and bug ridden version of their popular Reader software on their website.  The version, Reader 9.1, was released in early March and has 14 security vulnerabilities that have been patched in two subsequent versions.

By offering the outdated version to users who visit the site to obtain Adobe reader, it leaves them open to possible attacks by hackers who could use malformed PDFs to hijack their PCs.  Adobe does push updates to users via Adobe Updater but is slow to do so.  It could take several days or weeks for a user to receive the correct, up to date version of Adobe Reader.

“PC users need to patch all their vulnerable programs and they need to do so as fast as possible after the patch has been issued from the vendor,” said said Mikkel Winther, the manager of the PSI partner program. “Failing to do so is playing Russian Roulette…. It is only a question of time, and luck, when your system will be compromised.”

If you have downloaded Adobe Reader recently or find yourself needing to, make sure you manually update it by choosing “Check For Updates” in the Help menu.  Adobe has ignored inquires asking why they are offering an outdated version of their software. 

Read [PCWorld]