Thursday, February 14, 2013

Adobe Reader and Acrobat Exploits:
Security Advisory


Over the past few days there have been abstract rumblings about in-the-wild exploits of the current versions of Adobe Reader and Acrobat. At the moment, the full details have not been made public. But Adobe has released a Security Advisory to all Reader and Acrobat users:

Security Advisory for Adobe Reader and Acrobat (APSA13-02)
A Security Advisory (APSA13-02) has been posted in regards to critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message.

Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined.

Adobe will continue to provide updates on this issue via the Security Advisory section of the Adobe website as well as the Adobe PSIRT blog.

This posting is provided “AS IS” with no warranties and confers no rights.
Meanwhile! Dan Goodin of Ars Technica posted a related article that includes a workaround for the problem:

Thanks, Adobe. Protection for critical zero-day exploit not on by default
Reader protected view: Like car airbags that work only if owners flip a switch.
According to an advisory Adobe published Wednesday night, the "protected view" feature prevents the current attacks from working—but only if it's manually enabled. To turn it on, access Preferences > Security (Enhanced) and then check the "Files from potentially unsafe locations," or even the "All files" option. Then click OK. There's also a way for administrators to enable protected view on Windows machines across their organization.

The revelation is significant because it means users aren't protected when using the default version of the widely used document reader.
Therefore, if you must use Reader or Acrobat, turn on Security (Enhanced) to turn off the exploited security hole. ("√ Enable Enhanced Security").

Otherwise, please use OTHER apps for creating and reading PDF files in order to stay safe from the continuing Adobe security hell.

Me? I've uninstalled Reader and gave up on Acrobat years ago. I still love PDFs! Just not PDFs made by or read by Adobe stuff.


No comments:

Post a Comment