Topic: Adobe Reader zero-day threat (Read 3330 times)

tuftedduck · « **on:** December 16, 2009, 06:44:53 AM »

Heads up for any Kitizens using Adobe Reader.

http://www.v3.co.uk/v3/news/2255039/adobe-zero-day-threat

UncleUB · « **Reply #1 on:** December 16, 2009, 06:50:05 AM »

Thanks for the heads up TD

tuftedduck · « **Reply #2 on:** December 16, 2009, 10:05:25 AM »

The immediate workaround to render Reader safe is to disable javascript in Reader.

To disable JavaScript, Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript.

UncleUB · « **Reply #3 on:** December 16, 2009, 10:49:25 AM »

Quote from: tuftedduck on December 16, 2009, 10:05:25 AM

The immediate workaround to render Reader safe is to disable javascript in Reader.

To disable JavaScript, Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript.

What does disabling Javascript do,does this cause problems having it disabled ?

pintosal · « **Reply #4 on:** December 16, 2009, 11:12:21 AM »

Switch to FOXIT reader. It's much smaller and faster

tuftedduck · « **Reply #5 on:** December 16, 2009, 12:19:45 PM »

I think the only effect you would encounter is that any PDFs written using javascript would not render properly, or not at all.

But the fix is only a temp. one until Adobe can issue a patch......then you can re-enable javascript in the same way.

UncleUB · « **Reply #6 on:** December 16, 2009, 01:52:59 PM »

Thanks TD.

oldfogy · « **Reply #7 on:** December 16, 2009, 03:38:37 PM »

Quote from: tuftedduck on December 16, 2009, 12:19:45 PM

I think the only effect you would encounter is that any PDFs written using javascript would not render properly, or not at all.

But the fix is only a temp. one until Adobe can issue a patch......then you can re-enable javascript in the same way.

On the other-hand, people could simply just not open emails from people they do not know.

Quote

"The PDF file we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H."

jazz · « **Reply #8 on:** December 16, 2009, 03:42:05 PM »

@Uncle UB - when I came to disable Java script on Adobe Reader I found that on my main computer it was disabled already and I only had to disable on the laptop. I didn't know it was already disabled on my desktop computer (I must have done it for some reason in the distant past) and I have never encountered any problems reading PDF files that I have wanted to read in recent years.....

UncleUB · « **Reply #9 on:** December 16, 2009, 03:54:44 PM »

@OF,I never open any attachments in emails I don't know,just bin them.

@Jazz,thanks for your reply.

News:

Author Topic: Adobe Reader zero-day threat (Read 3330 times)

tuftedduck

Adobe Reader zero-day threat

UncleUB

Re: Adobe Reader zero-day threat

tuftedduck

Re: Adobe Reader zero-day threat

UncleUB

Re: Adobe Reader zero-day threat

pintosal

Re: Adobe Reader zero-day threat

tuftedduck

Re: Adobe Reader zero-day threat

UncleUB

Re: Adobe Reader zero-day threat

oldfogy

Re: Adobe Reader zero-day threat

jazz

Re: Adobe Reader zero-day threat

UncleUB

Re: Adobe Reader zero-day threat