Google's security team said on Thursday (8/16) that, in the course of testing the PDF reader embedded in Chrome, it had also tested Adobe Reader 9.5.1 and reported the vulnerabilities to Adobe in June this year. However, the Adobe Reader update released on Thursday left many major vulnerabilities unfixed, so the team issued a warning to Adobe Reader users.
Google security researchers Mateusz Jurczyk and Gynvael Coldwind said they created a set of PDF files to test the security of Chrome's PDF reader and found more than 50 vulnerabilities of varying severity. After fixing the company's own product, they also tested Adobe Reader 9.5.1 on various platforms. They found that these files caused Adobe Reader to crash 60 times in total. Analyzing the crash records, they found 31 vulnerabilities categorized as major, which should be fixed within 60 days, and 9 that are potentially vulnerable to remote attacks.
After Google obtained these results in June, it notified Adobe. Adobe released a new version of Adobe Reader for Windows and Mac on Thursday. However, Google found that Adobe had fixed only 24 of the major vulnerabilities and left 16 unfixed, and that updates for the Linux platform had not yet been released.
The Google security team said that although there is no evidence that these vulnerabilities have been exploited, it is still worried that attackers would not need much effort to find the differences from the old version of Adobe Reader and use them to create attack programs. Since Adobe does not plan to release another security update within 60 days of Google reporting the vulnerability information, the team considers itself obligated to inform Adobe Reader users of the risks.
The current situation across platforms is as follows: Adobe Reader users on Linux are completely exposed to the major vulnerabilities submitted by Google, Adobe Reader for Windows has 6 major vulnerabilities unfixed, and Adobe Reader for Mac OS X has 10 major vulnerabilities unfixed. Until the problem is resolved, Google recommends that users restrict their use of Adobe Reader, or at least not open PDF files from external sources, and disable the browser's Adobe Reader extension.
Google also recommends that Windows users upgrade to Adobe Reader X, which can help suppress attacks. However, the latest version of Adobe Reader X does not support OS X or Linux.