Another Adobe Reader Zero Day Vulnerability In The Wild - gHacks Tech News

Adobe Reader and Adobe Acrobat have been hit with yet another zero day vulnerability that is affecting all versions of both programs up to and including Adobe Reader and Adobe Acrobat 9.2.

The vulnerability has been disclosed to the public by Adobe's Security Response team, which wrote in a blog post that Adobe is "currently investigating this issue and assessing the risk to customers".

Adobe itself did not reveal details about the exploit in the blog post, but a post on the Shadowserver website, which is run by security volunteers from around the world, reveals details about the issue.

According to information posted on the website, the exploit has been in the wild since at least December 11. Attacks have been limited and targeted so far, according to the information. The experts expect the "exploit to become more wide spread in the next few weeks", with the potential to become fully public in the same timeframe.

The security researchers did not want to reveal all the information about the vulnerability, but mentioned that it was found in a JavaScript function in Adobe Acrobat and Adobe Reader.

With that said we can tell you that this vulnerability is actually in a JavaScript function within Adobe Acrobat [Reader] itself. Furthermore the vulnerable JavaScript is obfuscated inside a zlib stream making universal detection and intrusion detection signatures much more difficult. On the bright side though, there are some solutions to this problem.
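To show why the zlib wrapping described in the quote above defeats byte-level signatures, the following added example (not from this article or from Shadowserver) inflates every stream in a PDF before matching. The sample file, the `app.alert` marker standing in for a content signature, and all function names are constructed for illustration.

```python
import re
import zlib

# Body of each PDF stream object: "stream<EOL> ... endstream".
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)\r?\n?endstream", re.DOTALL)


def inflate_streams(pdf_bytes):
    """Yield (offset, inflated_data) for every stream body that is zlib data."""
    for match in STREAM_RE.finditer(pdf_bytes):
        try:
            # decompressobj() tolerates trailing bytes after the zlib data.
            data = zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # not Flate-compressed, or damaged: nothing to inflate
        yield match.start(1), data


def scan(pdf_bytes, signature):
    """Report whether `signature` occurs in the raw bytes and in which streams."""
    inflated_hits = [off for off, data in inflate_streams(pdf_bytes)
                     if signature in data]
    return {"raw": signature in pdf_bytes, "inflated": inflated_hits}


def build_sample():
    """Constructed, benign PDF-like file: a script stored in a Flate stream."""
    script = b'app.alert("constructed benign sample");'
    packed = zlib.compress(script)
    return (b"%PDF-1.4\n"
            b"1 0 obj\n<< /S /JavaScript /JS 2 0 R >>\nendobj\n"
            b"2 0 obj\n<< /Filter /FlateDecode /Length "
            + str(len(packed)).encode() + b" >>\n"
            b"stream\n" + packed + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    # b"app.alert" stands in for whatever content signature a defender uses.
    result = scan(build_sample(), b"app.alert")
    print("raw bytes match:    ", result["raw"])
    print("inflated streams at:", result["inflated"])
```

The signature is absent from the file's raw bytes and only appears once the stream is inflated. Real documents can also chain or use other stream filters, which this example does not decode.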

A temporary fix was also published on the same website.

We have said it before and we will say it again: Disable JavaScript.

Disabling JavaScript is easy. This is how it can be done in Acrobat Reader:
Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

We have not had time to fully test but enabling hardware DEP for systems that support it may also mitigate this issue.

Adobe users are encouraged to disable JavaScript as soon as possible so that their installation is not exposed to the exploit.

Update: Adobe has published a security advisory for the vulnerability in Adobe Reader and Acrobat. The vulnerability is rated critical. Attackers can exploit it to cause a crash and potentially take control of the operating system.

Users are asked to either disable JavaScript in Acrobat or Reader, or to update to the most recent version of the product.

    Comments

    1. 26Dolphins said on December 15, 2009 at 10:30 pm

      Hi,

      Every time I read about another exploit of Adobe, I thank my good sense for turning my back to it and switching to another PDF Reader – needless to say that I took all my friends & family with me!

      None of us has ever looked back: more security and our systems can at last breathe.

      Cheers,
      26Dolphins

    2. Mike J said on December 15, 2009 at 11:11 pm

      Why does anyone continue to use that ponderous dinosaur, Adobe Reader?? It’s like the people at the grocery store who write checks–no reason for it!
      I use Foxit but I understand there are other PDF viewers just as good, or better, available for free.

    3. Carrie said on December 16, 2009 at 7:12 am

      Have there been some free licenses given away for Adobe Photoshop?

    4. Rico said on December 17, 2009 at 11:37 pm

      @Mike J:
      Because it comes preinstalled on many computers and it’s the official reader for the format. Most people don’t even realize that you can use a third party program for a lot of these formats.
