Two New Exploitable Security Holes Plague Adobe
It has come to light that there are two 0-day security vulnerabilities affecting “all currently supported shipping versions” of Adobe Acrobat and Adobe Reader (this includes the recently release Acrobat 9.1 and Reader 9.1). Proof-of-concept exploit code regarding the vulnerability has been published online, meaning that you need to take steps in order to protect your system. The only viable options, until Adobe released an update are:
1. Turn off JavaScript in Adobe Reader. In order to accomplish this task you need to follow these steps: launch Adobe Acrobat/Reader -> Edit -> Preferences-> select JavaScript -> Uncheck “Enable Acrobat JavaScript” -> Click “OK”.
2. Switch to alternate PDF readers. A list is provided here. Keep in mind that you do not need a PDF reader to view PDF documents in Gmail, for example. Also keep in mind that you could convert PDF documents to other formats (for free, online), and open the converted document instead.
Here is what F-Secure, company that specializes in providing security software solutions, has to say about the security holes: “Two new vulnerabilities have been found in Adobe Reader and are under investigation by Adobe. The vulnerabilities exist in two JavaScript functions; getAnnots() and spell.customDictionaryOpen() and both allow remote code execution. This means they both could be used in targeted attacks and drive-by downloads. There are PoCs (Proof of Concept) available for both vulnerabilities but so far no in-the-wild attacks. We've said it before but it's worth repeating — use an alternative to Adobe Acrobat Reader.”
The security vulnerability has been acknowledged by Adobe: “All currently supported shipping versions of Adobe Reader and Acrobat (Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions) are vulnerable to this issue. Adobe plans to provide updates for all affected versions for all platforms (Windows, Macintosh and Unix) to resolve this issue. We are working on a development schedule for these updates and will post a timeline as soon as possible. We are currently not aware of any reports of exploits in the wild for this issue.”
1. Turn off JavaScript in Adobe Reader. In order to accomplish this task you need to follow these steps: launch Adobe Acrobat/Reader -> Edit -> Preferences-> select JavaScript -> Uncheck “Enable Acrobat JavaScript” -> Click “OK”.
2. Switch to alternate PDF readers. A list is provided here. Keep in mind that you do not need a PDF reader to view PDF documents in Gmail, for example. Also keep in mind that you could convert PDF documents to other formats (for free, online), and open the converted document instead.
Here is what F-Secure, company that specializes in providing security software solutions, has to say about the security holes: “Two new vulnerabilities have been found in Adobe Reader and are under investigation by Adobe. The vulnerabilities exist in two JavaScript functions; getAnnots() and spell.customDictionaryOpen() and both allow remote code execution. This means they both could be used in targeted attacks and drive-by downloads. There are PoCs (Proof of Concept) available for both vulnerabilities but so far no in-the-wild attacks. We've said it before but it's worth repeating — use an alternative to Adobe Acrobat Reader.”
The security vulnerability has been acknowledged by Adobe: “All currently supported shipping versions of Adobe Reader and Acrobat (Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions) are vulnerable to this issue. Adobe plans to provide updates for all affected versions for all platforms (Windows, Macintosh and Unix) to resolve this issue. We are working on a development schedule for these updates and will post a timeline as soon as possible. We are currently not aware of any reports of exploits in the wild for this issue.”
