Adobe Warns of Reader, Acrobat Attack

itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."

Help, how do you disable version check on startup?

[British]

Yesterday morning, my system started up saying a new version of Acrobat reader was available. HOWEVER, reader_Sl.exe couldn't be found on my reader dir, plus I had it disabled in msconfig in the Startup tab.

How the hell did this thing startup? Adobe doesn't seem to make it easy to disable any pre-loader app on startup. Why does every software company insist on jamming this crap on everyone's system?

I would love to see Symnatec, etc list this as malware. After all, same symptoms(drains system resources), and was added w/o user consent, nor is it easy to remove.