New information released this morning by F-Secure widens the already-known threat to users of the free AdobeReader. The security holes in AdobeReader are allowing infiltrating “backdoors” to be installed, and the most common target at the moment are government domains. This does not mean you are safe just because you don’t work for the government. Adobe has yet to create the appropriate patches for the all of the existing flaws, which surround primarily web browser plugins rather than the AdobeReader program itself.
Alternative PDF-readers are available for free, but these also have been found to have flaws.
There is no easy solution, but accepting all updates available from Adobe is a good start. Even though the update process is cumbersome and many of us cancel the process before it can complete, accepting those updates may be your best protection. Also, as all geeks know, don’t accept/open PDF’s from unreliable sources (like those coming in emails with Ukrainian domain names). Opener beware!