A critical vulnerability has been identified in Adobe's Acrobat and Reader software which affects Internet Explorer users.

As well as causing crashes, the frailty could allow a botnet to take control of the whole computer when a PDF is opened within Explorer.

The hole is present in Acrobat Standard and Professional versions 7.0.0 to 7.0.8, and Adobe Reader 7.0.0 to 7.0.8. Only Microsoft's browser is vulnerable.

Adobe's programmers are working on a patch, which should be available on its support site soon. In the meantime, deleting AcroPDF.dll from the will prevent Explorer from opening PDFs in the browser window.

Adobe's advisory is here. ®

Related stories

• Adobe puts Acrobat flaw on the critical list (7 December 2006)

  https://www.theregister.com/2006/12/07/adobe_acrobat_flaw/

• Adobe boss won't rule out suing over Vista (20 November 2006)

  https://www.theregister.com/2006/11/20/adobe_vista_complaints/

• Adobe opens Flash to Firefox (7 November 2006)

  https://www.theregister.com/2006/11/07/adobe_flash_firefox/

• Microsoft promises more info for security firms (19 October 2006)

  https://www.theregister.com/2006/10/19/microsoft_promises_more_info/

• Adobe, Symantec press EC to remove Vista tanks from their lawns (22 September 2006)

  https://www.theregister.com/2006/09/22/symantec_adobe_vista_objections/

• Trojan targets 0-day Word vuln (5 September 2006)

  https://www.theregister.com/2006/09/05/ms_office_trojan/

• Worm feasts on latest Windows vuln (14 August 2006)

  https://www.theregister.com/2006/08/14/cuebot_worm_targets_ms_vuln/