geekEleet

Core Security Technologies says it has discovered a new critical security hole in Adobe Reader that could allow an attacker to take control of a computer running the software.  This newly found vulnerability affects Adobe Reader version 8.12.

Essentially, an attacker could embed malicious JavaScript code inside of a PDF.  According to CNET News, “Once the file is opened, the code could manipulate the program’s memory allocation pattern and trigger the vulnerability to execute arbitrary code with the privileges of that user.”

Sadly, a CoreLabs researcher discovered the vulnerability back in May, however Adobe has yet to patch this hole.  Similar vulnerabilities have been found in Adobe software in the past.