The exploit we’ve previously mentioned here only affects you if your setup matches the following:
Platform: Windows XP (Vista users are not affected) with Internet Explorer 7 installed
Affected Software Versions:
- Adobe Reader 8.1 and earlier versions
- Adobe Acrobat Standard, Professional and Elements 8.1 and earlier versions
- Adobe Acrobat 3D
Adobe has finally provided a workaround, though it’s not terribly straightforward if you’re uncomfortable mucking about in the registry:
They plan to eventually provide a more user-friendly solution. Until then, the exploit–while not known to be out in the wild yet–has the potential to be extremely damaging; applying Adobe’s workaround is strongly recommended while we wait for them to provide a proper, more-polished patch.
Be careful out there.
A zero-day PDF vulnerability in Adobe’s Acrobat Reader has come to light that can lead to Windows boxes getting taken over completely and invisibly, according to a security researcher.
“All it takes is to open a [maliciously rigged] PDF document or stumble across a page which embeds one,” said researcher Petko D. Petkov, aka pdp, in a blog posting on Sept. 20.
Paul Henry, vice president of technology and evangelism at Secure Computing, based in San Jose, Calif., said in an interview with eWEEK that PDF vulnerabilities have a strong advantage when it comes to users being tempted into opening them, giving this vulnerability the potential to become a “huge” attack vector. “From a social engineering standpoint, it’s easier to attach a PDF to e-mail and assume [the target will] open it. If you’ve got a request to launch a video conversation from someone you never heard of, chances are you won’t do it. Or you won’t click on a video online if you don’t know where it’s from. But from a social engineering point of view, this is deeper.”
The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user’s machine can be loaded with malware that makes it open to a takeover.
“The ability to use PDFs to install malware and steal personal information from remote PCs is here,” he said in a statement. “Readers should be cautioned to only open PDF files from senders they explicitly trust.”
(Snippets from eWeek. Image from Adobe.)