Adobe PDF Reader zero-day attacks
Here we go again. Another security problem with the Adobe PDF reader. Ryan Naraine reports at ZDNet:
Malicious hackers are exploiting a zero-day (unpatched) vulnerability in Adobe’s ever-present PDF Reader/Acrobat software to hijack data from compromised computers.
According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild.
The company has activated its security response process but declined to offer any more details until an investigation is complete.
Unfortunately, the company did not provide any mitigation guidance for customers.
The only defense at this time seems to be disabling JavaScript. Or, as I have mentioned many times, uninstall Adobe and use Foxit or Sumatra to read PDF files.
If you insist on Adobe Reader, disable JavaScript by going to the “Edit” menu in the reader, open “Preferences”, click “JavaScript” in the left pane, and then uncheck “Enable Acrobat JavaScript”.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.