Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Adobe PDF Reader - Zero Day JavaScript attacks circulating in the wild

Lightning Please be careful with all PDF files, keep AV protection updated, and look for future Adobe releases which will address this issue. I usually keep JS off unless it's required to fill out a PDF form.

Adobe PDF Reader - Zero Day attack circulating
http://www.adobe.com/support/security/advisories/apsa09-07.html
http://www.avertlabs.com/research/blog/index.php/2009/12/16/another-adobe-reader-zero-day-take-care/

QUOTE: Adobe has confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild. Adobe recommends customers follow the mitigation guidance below until a patch is available

Star HOW TO DISABLE JAVASCRIPT IN ADOBE READER

Customers can mitigate the issue by disabling JavaScript in Adobe Reader and Acrobat using the instructions below:

1. Launch Acrobat or Adobe Reader.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the 'Enable Acrobat JavaScript' option
5. Click OK