Adobe Zero day – late breaking info

Topic

New Reply

I’ll be updating this thread with late breaking info regarding the Adobe reader zero day. At this time there is no patch but when there is, I’ll post here with my recommendations.

Thanks in advance.

Susan

Reply | Quote

Replies

Here is a bit more information for those who would like to know what this is all about.

It looks to me as though you will be safe if you have disabled Javascript in Adobe Reader, this is always a good thing to do unless you have a very good reason to enable it. You should also be protected if you have a reputable virus scanner and keep your virus signatures up to date.

Reply | Quote

Here is a bit more information for those who would like to know what this is all about.

It looks to me as though you will be safe if you have disabled Javascript in Adobe Reader, this is always a good thing to do unless you have a very good reason to enable it. You should also be protected if you have a reputable virus scanner and keep your virus signatures up to date.

According to the ZDnet blog at http://blogs.zdnet.com/security/?p=5119&tag=nl.e589 , “There is little to no detection of these malicious PDF files from most of the major Antivirus vendors.” ….So disable that Javascript!

Reply | Quote

It would be good with a little more information, or links to pages with such information, when you decide to post, even though it’s at an early stage, Otherwise one can perhaps wait with the post until there is such information.

It’s been mentioned at Adobe’s PSIRT blog: New Adobe Reader and Acrobat Vulnerability [Adobe Product Security Incident Response Team (PSIRT)]. And in blog posts after that.

There is a security bulletin released: APSA09-07 Security Advisory for Adobe Reader and Acrobat

As Stuart mentioned, this early on one can disable JavaScript in the abovementioned Adobe products (Adobe Reader and Acrobat 9.2), if one hasn’t already done that. JavaScript is, however, enabled by default, and since it is reported that the vulnerability is being actively exploited, it is critical to take a look at the settings in the software.

The abovementioned security bulletin, the Security Advisory, will be updated, as usual, when they have scheduled a fix.

So far a quite simple zero-day issue. As we have seen before when it comes to the PDF formart it’s so far targeted attacks, in this case it’s also simple to mitigate the issue.

Reply | Quote