Adobe Reader and Acrobat Remote Code Execution Vulnerability

Tue, Dec 15 2009 18:11 Don

Adobe Reader and Acrobat Remote Code Execution Vulnerability

Adobe has stated that they are investigating public reports of a vulnerability affecting Adobe Reader and Acrobat. Public reports indicate that exploitation of this vulnerability may occur when a user opens a specially crafted PDF file. Exploitation of this vulnerability may result in arbitrary code execution. Public reports currently indicate active exploitation of this vulnerability.

US-CERT encourages users and administrators to do the following to help mitigate the risks until the vendor is able to provide an update:

Review the Adobe blog entry regarding this issue.

Use caution when opening PDF files from untrusted sources.

Disable JavaScript in Adobe Acrobat and Reader. To do this, click "Edit," then "Preferences" and then "JavaScript," and uncheck "Enable Acrobat JavaScript."

US-CERT will provide additional information as it becomes available.

Filed under: News

DP's Security Bits

Search

Tags

News

Community

Syndication

Archives

Links of Interest

Microsoft

Malware Removal Help

Adobe Reader and Acrobat Remote Code Execution Vulnerability