LandzDown Forum
September 08, 2010, 01:40:35 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News:
 
   Home   Help Search Members Staff List Login Register  
LandzDown Forum > Security > Security Alerts & Briefings (Moderator: Eric the Red) > Critical Adobe PDF Vulnerability: Disable JavaScript!
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Critical Adobe PDF Vulnerability: Disable JavaScript!  (Read 2099 times)
0 Members and 1 Guest are viewing this topic.
Corrine
The Mystical Rose
Administrator
Hero Member
*****
Online Online

Posts: 9462


"Stronger than the past, united in our goal."


WWW
« on: December 15, 2009, 09:14:16 PM »
There is yet another vulnerability in Adobe Reader and Adobe Acrobat 9.2, including all earlier versions, being actively exploited in the wild. although the exploit is actively being used by attackers, at this time the number of attacks are limited. This is expected to change within the next few weeks.

All users of Adobe Reader and Adobe Acrobat 9.2 are strongly encouraged to incorporate the suggested workaround by disabling JavaScript in Adobe PDF Reader/Acrobat:
Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

For home use, you may wish to replace Adobe Reader with an alternate PDF reader. Other options are available at http://pdfreaders.org/.

New Adobe Reader and Acrobat Vulnerability
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Corrine
The Mystical Rose
Administrator
Hero Member
*****
Online Online

Posts: 9462


"Stronger than the past, united in our goal."


WWW
« Reply #1 on: December 16, 2009, 10:46:52 PM »
Update: Adobe PSIRT announced plans to issue an update to Adobe Reader and Acrobat by January 12, 2010. In addition, the official Security Advisory was posted at Adobe - Security Advisories: APSA09-07.
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Eric the Red
ISO/IEC 27001:2005
Administrator
Hero Member
*****
Offline Offline

Posts: 1559


Would somebody please pass me a beer!
« Reply #2 on: December 16, 2009, 11:23:02 PM »
The Internet Storm Center is tracking this and their updates contain information about the malware and details of one site to block (one at the time of writing, others will probably be found hosting the malware).

http://isc.sans.org/diary.html?storyid=7747
Logged
"The time to start running is around about the "e" in "Hey, you!" "
Proud member Since 2004 

The information I provide is provided "AS IS" without warranty, and confers no rights.
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!