Adobe Acrobat, Reader under attack

December 15, 2009 | 13:55

Tags: #acrobat #adobe-acrobat #adobe-reader #crack #flaw #javascript #pdf-vulnerability #reader #vulnerability

Companies: #adobe

Adobe has confirmed that it has received reports regarding a flaw in its Acrobat Reader PDF viewing software being actively exploited by crackers.

In a posting to its Product Security Incident Response Team blog, Adobe has stated that it has "received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild," and explains that it is investigating the issue while "assessing the risk to our customers."

While the ne'er-do-wells might have the information they need to attack systems running vulnerable versions of the software, system administrators are finding themselves on the back foot due to a lack of information available on the 'net regarding the issue: with no details forthcoming, either from Adobe or on the common security mailing lists, it's a guessing game as to what the vulnerability might be - along with how to prevent or mitigate the attack vector, beyond simply uninstalling Adobe Reader and Acrobat from your system.

Regarding the veil of secrecy, Adobe's Wiebke Lips explained that "the reports [of the vulnerability] came to [Adobe] PSIRT directly from partners in the security community," who have chosen to allow Adobe time to patch the flaw before releasing details of the attack.

Despite the lack of details, it seems fair to assume that the flaw comes from Adobe Reader and Acrobat's handling of embedded JavaScript: as early as October a similar flaw was being actively exploited, for which the 9.2 release was supposed to be a permanent fix. This attack itself came hot on the heels of another flaw in July which affected both Adobe Reader and the company's Flash Player packages, itself a short jump from a zero-day exploit targeting Adobe Reader's JavaScript engine once more. As if that wasn't enough, JavaScript security issues were at the root of another zero-day attack back in February - and these just represent the major security holes discovered in the company's software this year.

Until Adobe releases more information regarding the attack, the recommendations are to ensure that PDF files are opened only from a trusted source; disable the JavaScript engine within Reader and Acrobat from the Preferences menu; or to seek an alternative viewer for PDF files.

Are you disappointed to see yet another serious vulnerability in Adobe's software, or does the news of yet another Reader flaw surprise you not a jot? Share your thoughts over in the forums.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04