Windows users might want to watch out for PDF files of dubious origin, judging by an article at eWeek. The article quotes security analyst Petko D. Petkov as saying Adobe Reader is subject to a zero-day security vulnerability through which an attacker can take over a Windows system. According to Petkov, “All it takes is to open a [maliciously rigged] PDF document or stumble across a page which embeds one.” The issue has reportedly been verified on Windows XP Service Pack 2 with Adobe Reader 8.1, but previous versions of Adobe Reader may also be vulnerable.
Meanwhile, eWeek says Symantec has issued a warning to customers via its DeepSight Alert Services. The warning talks of an “unspecified vulnerability when handling malicious PDF files” that allows attackers to take over victims’ machines.