Adobe Investigating Reports of Acrobat Exploits
Oh yay! Hackers have found a new exploit in Adobe Reader and Acrobat.
The fun just doesn't end for Adobe in its fight to keep hackers out of Reader and Acrobat. The company announced on Monday (via its PSIRT) that new reports have surfaced in regards to a previously unknown vulnerability in Adobe Reader and Acrobat. Adobe said that both the latest and older versions are being exploited "in the wild," meaning that the problem didn't just appear in the the recent v9.2.
While Adobe did not provide details on the 0-Day exploit, malware-tracking group Shadowserver Foundation said that the exploit has been in the wild since December 11, and that the attacks are limited and targeted by nature. The group did not release the exploit details, but rather only indicated that the problem was linked to a JavaScript function in Acrobat/Reader.
"This is legit and is very bad," the group said. "The vulnerable JavaScript is obfuscated inside a zlib stream making universal detection and intrusion detection signatures much more difficult."
The quick fix--until Adobe addresses the problem--is to disable JavaScript in Acrobat and Reader. To do this, simply click on Edit and choose Preferences. Click JavaScript on the left-hand menu and make sure to uncheck the Enable Acrobat JavaScript option. Users of Acrobat/Reader 7.x may or may not be affected by the new attack--this version has not been tested as of this writing, but disable JavaScript anyway, just in case.
This sounds like a job for Mermaid Man!
- YouTube is Considering Subscriptions
- iPhone 2G and 3G Get Video Recording (Finally)
- AT&T Responds to iPhone Flashmob's Threats
- Scammers Use Google Logo to Spread Malware
- Nintendo Trademarked Zii, Cii, Bii, Oii, Vii Names
- id Software Nuking Ports from Android Market
- Popular Author Gives Amazon Exclusive eRights
- Court to Rule on Text Message Privacy at Work
- Gartner: Hackers Defeating Tough Authentication
- VIDEO: MIT's Traffic and Pollution Tracking Wheel
- Top 10 Most Watched & Searched Videos of 2009
- Console Theft Rose 285% in 3 Years
- Plurk to MSFT: ''Sorry'' Just Isn't Good Enough
- Modern Warfare 2 Virus Infects Xbox Live
- Zune HD Twitter App Censors Swearing
- Sony Launches MMOG within PlayStation Home
- Insurgents Use $26 Software to Hack Drone Feeds
- Adobe Fixing 0-Day Exploit in One Month
- Facebook CEO: I Wanted People to See My Pics
Stupid Adobe.
why it is that hard that adobe cannot create a bug and hole free pdf reader?
damn, they themselves made the pdf. thats a shame for a big company like adobe, hire some pros for acrobat reader.
OR
why it is that hard that adobe cannot create a bug and hole free pdf reader?
Well there is no such thing as a "hole free" application. It literally cannot happen. If it did then there would be no use for anything else to ever be created/developed. The end of innovation as we know it.
Anywho, they have been shown countless exploits in acrobat/reader lately. I'm surprised everyone didn't remove the application completely, as F secure suggested. Once again foxit reader/phantom FTW.
Acrobat has tons of features that we do not use. It's becoming much slower and bigger than it used to be. I believe that as they're trying to cram those features in Acrobat, bugs find their way in.
How about uncrippling flash player for Linux and Mac. Then we'll start to worry about "security" issues.
Adobe, bug ridden software!?
Wait, nothing new, move along.
Mermaid Man? Wouldn't you call him Merman?
Adobe, here is some advice from someone who is TIRED of updating Acrobat for his entire company every other week. CREATE AN ADOBE UPDATE SERVER! Users NEVER update Acrobat making my life that much harder! Sense you're the number one choice for opening PDF files why not make us admins lives easier?!?!?
Adobe is some of the best media creation software out there. There is no other company that provides cross application compatibility such as Photoshop to Premiere and After Effects and Illustrator.
Show me some real competition to the efficiency of the Adobe workflow for motion graphics, web design, and print design and I will buy them.
For now, I think Adobe does an excellent job with the massive amount of software they have to maintain.
Not everyone uses their computer for gaming alone, some of us use them for serious business!