Adobe Warns of Reader, Acrobat Attack

itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."

Javascript Again

If you have to use Reader, ALWAYS disable Javascript. It always seems like that's was these exploits use. Or use one of the many PDF reader alternatives.

Re:Limit permissions and seek alternatives?

[oDDmON+oUT]

Replying to my own last line as an informational thing:

http://en.wikipedia.org/wiki/List_of_PDF_software

Re:Preferences?

[clone53421]

You could try the Edit -> Preferences -> JavaScript window. Here, I’ll make a little instruction sheet for you.

http://img38.imagefra.me/img/img38/1/12/15/clone53421/f_viwjj0m_1729695.jpg

Re:Anyone still has JavaScript enabled?

[Zumbs]

Your wish is my command: http://www.oldversion.com/Acrobat-Reader.html.

Re:seen it, I think

[StuartHankins]

Sounds like you need NoScript and AdBlock.