Adobe

Another Adobe Reader Zero Day Vulnerability In The Wild

Tags: Adobe, Adobe Acrobat, adobe-reader, browsing, exploit, firefox, Internet, internet explorer, Linux, operating systems, Security, vulnerability ⋅ Archiviato in: Adobe ⋅ News ⋅ Security ⋅ Inserisci Commento
 Stampa questo articolo

Adobe Reader and Adobe Acrobat impact been impact with still added set period danger that is moving every versions of both programs up to Adobe Reader and Adobe Acrobat 9.2. The danger has been unconcealed to the open by Adobe’s Security Response aggroup who wrote in their journal that they “are currently work this supply and assessing the venture to [their] customers”.

Adobe itself did not expose info most the utilise in the journal place but a place at the Shadowserver website which is separate by section volunteers from around the world. According to aggregation posted on their website the utilise has been in the disorderly since at small Dec 11. The sort of attacks impact been restricted and targeted so farther according to their information. They do wait the “exploit to embellish more panoramic distribute in the incoming whatever weeks” with the possibleness to embellish full open in the aforementioned timeframe.

The section researchers did not poverty to expose every the aggregation most the danger but mentioned that it was institute in the JavaScript duty in Adobe Acrobat and Adobe Reader.

With that said we crapper verify you that this danger is actually in a JavaScript duty within Adobe Acrobat [Reader] itself. Furthermore the undefendable JavaScript is obfuscated exclusive a zlib course making coupler spotting and intrusion spotting signatures such more difficult. On the gleaming lateral though, there are whatever solutions to this problem.

A temporary mend was also publicised on the aforementioned website.

We impact said it before and we module feature it again: Disable JavaScript.

Disabling JavaScript is easy. This is how it crapper be finished in Acrobat Reader:
Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

We impact not had instance to full effort but sanctioning element DEP for systems that hold it haw also mitigate this issue.

Adobe users are pleased to alter JavaScript as presently as doable to country their edition of the information from existence vulnerable.

Tags: adobe, adobe acrobat, adobe reader, adobe security, adobe vulnerability

Related posts

• Adobe Reader and Acrobat Critical Security Update (1)
• Adobe Reader and Acrobat Security Updates (3)
• Adobe Reader, Acrobat and Flash Player Zero Day Vulnerability (3)
• Adobe Reader Security Vulnerabilities (4)
• Unofficial Adobe Reader Patch Released (4)

Continua a leggere – Original Link: Another Adobe Reader Zero Day Vulnerability In The Wild

Technorati Tags: Adobe, Adobe Acrobat, adobe-reader, browsing, exploit, firefox, Internet, internet explorer, Linux, operating systems, Security, vulnerability