Adobe Reader /Acrobat Vulnerability In PDF

This post was written by admin on February 23, 2009
Posted Under: PC Security, malware

There is a flaw in Adobe Reader and Adobe Acrobat that could compromise users computers if they open a malicious PDF document.

Update released by Adobe click here for details and to update

According to Symantec and the Shadowserver Foundation, hackers are exploiting the flaw in the wild but attacks are not yet widespread.

Adobe have rated the flaw as 'critical' and are expected to release a patch for Reader 9 and Acrobat 9 by March 11. The company has also said that patches for version 8 will follow and then a patch for version 7 of  both Adobe Reader and Adobe Acrobat.

Before the patches are released hackers will attempt to use the flaw to compromise and infect users computers.

PDF is widely used which makes the flaw extremely dangerous and could cause the application to crash and also potentially allow an attacker to take control of the affected system.

Until such time as the patch is released, users are advised NOT to open PDF files from unknown sources and as the flaw relies upon the use of JavaScript users should disable JavaScript in both Adobe Acrobat and Adobe Reader.

This is simply done by opening Adobe, click on Edit, scroll down and click Preferences.

In the Preferences window click on Javascript and UNTICK 'Enable Acrobat JavaScript', click OK and exit.

The choice is simple, disable JavaScript and there may be a small loss of functionality and your system may crash, or leave it as it is and your system could be compromised and data stolen through this flaw.

This is NOT isolated to Adobe, it affects many more PDF readers.

Quote from Symantec:
This exploit is currently detected heuristically as Bloodhound.PDF.6 by our products. We have noticed an increase in submissions of similar PDFs using this exploit.

PDF users are advised to use caution when opening PDF documents and ensure that all antivirus and antimalware programs are updated.

If the exploit is successful, a malicious code will be dropped and executed on the victim’s computer as a Backdoor Trojan which can be used to view the desktop, record keystrokes and remotely access to users computers.

Versions affected are Adobe Reader 9 and earlier versions, Adobe Acrobat Standard, Pro, and Pro Extended 9 and earlier versions

AddThis Social Bookmark Button

Surf Safer, Surf with WOT - Click Here or the links below

Internet ExplorerWeb of Trust for Internet Explorer

FirefoxWeb of Trust for Firefox

Google ChromeWeb of Trust for Google Chrome

OperaWeb of Trust for Opera

, , , , , ,

This content has been Digiproved © 2010

Add a Comment

required, use real name
required, will not be published
optional, your blog address

IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)

What is 4 + 2 ?
Please leave these two fields as-is:
Please leave these two fields as-is:

Protected by Invisible Defender. Showed 403 to 334 bad guys.

Next Post:
Previous Post:
Get Adobe Flash playerPlugin by wpburn.com wordpress themes