InformationWeek – Security > Adobe Warns Of Critical Vulnerability In Acrobat, Reader

Welcome Guest | |

Home
Global CIO 2010
Case Studies
Special Features
Interviews
Top News
Section
Vertical
- BFSI
- IT/ITES
- Government
- FMCG
- Telecom
- Manufacturing
- Pharma
- Services
Special Property
Editor Zone
Analytics & Reports
International News

| | | | | | | | | | |

Security

Adobe Warns Of Critical Vulnerability In Acrobat, Reader
Users are advised to disable JavaScript until Adobe releases a patch, which may not occur for more than two weeks. By Thomas Claburn, InformationWeek, February 23, 2009

Adobe on Thursday warned that a critical security vulnerability exists in its Acrobat and Reader software.
"This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system," Adobe says in its security advisory. "There are reports that this issue is being exploited."

Symantec security researcher Patrick Fitzgerald explains that the vulnerability is caused by a PDF parsing error. "Once the malicious document is opened it will trigger the vulnerability," he said in a blog post. "The JavaScript payload then sprays the heap with the malicious shellcode in an attempt to increase the chances of a successful exploit. If the exploit is successful, a malicious binary will be dropped and executed on the victim's system."

Fitzgerald says that the malicious payload is a backdoor Trojan that comes from an open source toolkit known as Ghost that originated in China. Once installed on a computer, it allows the attacker to view the victim's desktop, record keystrokes, and access the machine remotely.

The vulnerability affects Adobe Reader 9 and earlier versions, and Adobe Acrobat Standard, Pro, Pro Extended 9, and earlier versions.

Adobe plans to release updates for Acrobat Reader 9 and Acrobat 9 by March 11, with updates for earlier versions of the software to follow.

In the meantime, Steven Adair, a security researcher with Shadowserver Foundation, advises that users disable JavaScript on their computers if they use either Adobe Reader or Adobe Acrobat.

"[W]e found that disabling JavaScript would definitely prevent the malware from being installed on the system," he explained in an online post. "However, it would still result in the crash of the application. We would HIGHLY recommend that you DISABLE JAVASCRIPT in your Adobe Acrobat [Reader] products. You have the choice of small loss in functionality and a crash versus your systems being compromised and all your data being stolen. It should be an easy choice."

In addition, US-CERT recommends preventing PDF documents from being opened automatically in Internet Explorer, disabling the display of PDF documents in any Web browser, and exercising caution when one receives PDF files from an unknown source.

blog comments powered by Disqus

Top Stories

Upcoming Webcast

"The Social Organization"
Attend Webcast on "The Social Organization" presented by Mark McDonald, Ph.D. Group Vice President, Gartner Fellow, Gartner Executive Programs - He discusses the approaches necessary to bring social media technology together with people to create mass collaboration and transform the way you work. This webcast discusses why it’s important to become a social organization rather than just having social media. Attend this webcast on Wednesday, February 8, 2012 at 11:00am

Interview

‘Employees are prioritizing device flexibility and work mobility over salary’
Mahesh Gupta, VP-Borderless Networks, Cisco India & SAARC discusses how enterprise mobility has become integral to an organization’s operational success

BankTech India - IT News for BFSI Segment

We're on Google+

InformationWeek India on Facebook