Hackers Exploiting Security Hole in Acrobat Reader
A very serious security problem has been been discovered with Adobe Acrobat Reader that affects both 8.1.2 and 9.0.0 versions. This newly discovered security vulnerability is being actively exploited, albeit it in small scale so far, by the bad guys.
Adobe won’t have a security patch until March 12th for v9 and thereafter for v8.
Some security products already detect the exploit attacks as a virus, but the following workaround should mitigate against the attacks being used by the bad guys until a patch is available:
- Start Acrobat Reader.
- Select Edit -> Preferences -> Javascript.
- Uncheck the box that says Enable Acrobat JavaScript.
- Close the preferences dialog box and exit Acrobat Reader.
More information on this security problem can be in the following web articles:
The Register article : "New in-the-wild attack targets fully-patched Adobe Reader"
Remember, the bad guys are out to get you, so be safe!
Technorati Tags: Acrobat Reader, Adobe, exploit, Javascript
February 26th, 2009 at 5:49 am
Thanks for the notes – I’ve uninstalled my Adobe products for the next little while.
February 26th, 2009 at 8:04 am
You can get away with the workaround and ensure you have a decent antivirus / security suite that has detection of any exploits trying to use the security hole.