Adobe Systems is set to issue patches for older versions of its Reader and Acrobat Reader software. The company said that these contain a dangerous vulnerability that could be used for phishing attacks or to remotely access files on a computer.
The problem affects versions 7.0.8 and earlier. Adobe is telling users of those versions to disable the Acrobat and Reader plug-in in their browser until the patches are issued.
Since the problem became public, Adobe has also been encouraging customers to upgrade to Reader 8, the latest version of its program, which is not affected by the vulnerability.
Some users can't upgrade to the new version, however, so Adobe will issue the patches for those users next week, said Meredith Mills, an Adobe spokeswoman.
Adobe is also warning users to exercise caution when clicking on untrusted links, since those links could be manipulated to run an exploit.
Symantec wrote in its blog that the vulnerability affects the Firefox Web browser. Further tests showed that users running a combination of Internet Explorer (IE) 6 and Adobe Reader 7 on Windows XP Service Pack 1, and Internet Explorer 6 and Adobe Reader 4 on Windows XP Service Pack 2, are also vulnerable.