Fixing the Adobe flaw
there is a highly publicized flaw in Adobe Reader that has been actively exploited since at least early Februrary. According to Adobe's Security Bulletin they are not planning on releasing a patch until March 11. In lieu of that patch I'd like to point out a few solutions that are currently available.
The first work around is to turn off JavaScript. Do this by selecting Edit > Preferences > Javascript an then uncheck ''Enable Acrobat JavaScript'. This works because even though the exploit itself is not in JavaScript the attack code generally does use it.
If you are responsible for the security for several computers you may wish to disable JavaScript via the registry. The guys at PhishLabs have pointed out how to do this. According to their blog you can disable JavaScript in Adobe Reader in this registry key:
The second work around is to install a patch by Lurene Grenier, a vulnerability researcher at Sourcefire. You can download the patch from their blog here. I do not generally recommend this as it may complicate Adobe's update in the future and disabling JavaScript should be enough.
Of course I should mention that I don't even use Adobe Reader. For PDF reading I use the alternative reader by Foxit ( here ). It is a great lightweight reader that isn't as high profile as Adobe (providing a lower attack-payoff).
The first work around is to turn off JavaScript. Do this by selecting Edit > Preferences > Javascript an then uncheck ''Enable Acrobat JavaScript'. This works because even though the exploit itself is not in JavaScript the attack code generally does use it.
If you are responsible for the security for several computers you may wish to disable JavaScript via the registry. The guys at PhishLabs have pointed out how to do this. According to their blog you can disable JavaScript in Adobe Reader in this registry key:
HKCU\Software\Adobe\Acrobat Reader\9.0\JSPrefs\bEnableJS
The second work around is to install a patch by Lurene Grenier, a vulnerability researcher at Sourcefire. You can download the patch from their blog here. I do not generally recommend this as it may complicate Adobe's update in the future and disabling JavaScript should be enough.
Of course I should mention that I don't even use Adobe Reader. For PDF reading I use the alternative reader by Foxit ( here ). It is a great lightweight reader that isn't as high profile as Adobe (providing a lower attack-payoff).
Comments