Security issues with Adobe products seem to be in the news quite frequently this year. No week passes by without yet another report about a security vulnerability or update of a popular Adobe software program.
Recently an Adobe Reader vulnerability was discovered that allows attackers to execute code on a target machine. This is done by specifically preparing a pdf with an executable embedded in the code.
To be fair: This vulnerability does not only affect Adobe Reader but also some tools from third party developers like Foxit.
Adobe did not patch the issue on last week's patch day but explained how to protect programs so that the malicious code cannot be executed even if a specifically prepared pdf document is loaded.
Computer users who want to protect their system from the attack need to open Adobe Reader, click on Edit > Preferences to open the options, select Trust Manager from the categories menu and uncheck the PDF File Attachments option that reads "Allow opening of non-PDF file attachments with external applications".
The security issue is currently actively exploited by the Zeus Botnet according to an article on PC World with several thousands of attacks underway. The pdf documents used in the attack embed code in the document that displays a save prompt to the user when the pdf document is opened. The user is asked to save a pdf called "Royal_Mail_Delivery_Notice.pdf" which in fact is a disguised executable that will run malicious code on the user's computer.
It is nearly impossible for users to determine if a pdf document is legit or if it contains an embedded executable with malicious code. It is therefore highly recommended to make the change that Adobe suggests.
The best way to handle the issue is to make the configuration change in Adobe Reader to protect the system, for now.
If you are using a different program to open pdf documents on your system, you may want to search for a comparable option in those programs, or verify that the program that you use to open PDF documents is not affected by the vulnerability.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.