Fiserv to Banks: Stay on Outdated Adobe Reader
Brian Krebs reveals that Fiserv, a “Fortune 500 company that provides bank transaction processing services and software to more than 16,000 clients worldwide,” is urging customers not to use the most updated version of Adobe Reader. In a notice dated February 18, 2010 on a part of its web site available to security and IT managers at partner financial institutions, Fiserv writes, in part:
Until further notice, please do not upgrade Adobe Reader past version 8.1. We have recently found that there are potential compatibility issues with some of our Adobe-based products. If you have already upgraded past this version you can try uninstalling to a lower version. This may or may not be successful. For instructions on uninstalling, please visit www.Adobe.com.
Wow. Advising clients not to use the most secure version because it’s not compatible with your products, when you’d be asking them to leave themselves at risk of an attacker taking control of their systems?
Read more on KrebsonSecurity.com Brian reports that he’s asked Fiserv for more information, so watch his site for more info on this.