Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to protect yourself from the Adobe Reader PDF JavaScript Vulnerability


  • Please log in to reply
73 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,640 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:23 AM

Posted 22 February 2009 - 12:38 AM

On Feb 19th Adobe released a security bulletin stating that Adobe Reader is vulnerable to JavaScript attacks that could allow remote control of your machine. Unfortunately, the fix for this vulnerability is scheduled to be released on March 11th, so that allows enough time for hackers and malware distributors to start ramping up the use of this vulnerability to attack your computers. At the present time there has already been reports of this vulnerability being used.

To protect yourself from these types of attacks it is suggested that you disable JavaScript from running within PDF documents. For the vast majority of users, this will have no affect on the reading of legitimate PDF documents. It will, though, give a warning when a PDF document is trying to execute JavaScript and you can then decide if you would like to allow it. To protect yourself, open Adobe Reader and once it is open, click on the Edit menu option and then select Preferences. When the preferences screen opens, click on the JavaScript category. Then uncheck the checkbox labeled Enable Acrobat JavaScript. When done, your screen should look like the image below. Then press the OK button to save your settings.



Javascript preferences screen in Adobe Reader
JavaScript preferences screen in Adobe Reader


Adobe Reader should now be safe from this JavaScript based attack.

2/26/09 Update: It appears that disabling JavaScript will stop most attacks, but it is still possible to exploit this vulnerability without JavaScript. More info here. For now it is advised that you switch to a different PDF reader. There is a good discussion on different types of PDF readers in the comments.

Link : Adobe Security Bulletin


BC AdBot (Login to Remove)

 


#2 JohnWho

JohnWho

    Who was running the store?


  • Members
  • 2,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa Bay Area, Florida, USA
  • Local time:11:23 AM

Posted 22 February 2009 - 10:10 AM

Replacing Adobe Reader with Foxit Reader 3.0 would resolve that issue, too, wouldn't it?


I know you think you understand what you thought I said,
but I'm not sure you realize that what you heard is not what I meant!


#3 Lloyd T

Lloyd T

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:11:23 AM

Posted 22 February 2009 - 01:00 PM

Thanks, Grinler! :thumbsup:

#4 Vaerli

Vaerli

  • Members
  • 582 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 22 February 2009 - 01:56 PM

i've found adobe acrobat reader to be more of a pain than it's ever been a help. .pdf files are annoying.. but i recently got it on my computer for some manuals. I might just remember foxit next time i wipe my hard drive.

Q6600, 4GB g-skill, 8800GT, P5N-D motherboard
Posted Image
My art


#5 crzyallday0514

crzyallday0514

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Phoenix, Arizona
  • Local time:08:23 AM

Posted 23 February 2009 - 12:39 PM

I just read the post about Adobe Reader vulnerability. I unchecked JavaScript but I'm thinking it might be best to get Foxit Reader 3.0. If I decide to go with Foxit Reader am I going to be able to read all PDFs? As you can tell, I am no at all knowledgeable about any of this. Also, what do I need to know about uninstalling Adobe Reader and all its files?

"Music expresses that which cannot be said
and on which it is impossible to be silent."
-Victor Hugo


#6 JohnWho

JohnWho

    Who was running the store?


  • Members
  • 2,611 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa Bay Area, Florida, USA
  • Local time:11:23 AM

Posted 23 February 2009 - 05:51 PM

I just read the post about Adobe Reader vulnerability. I unchecked JavaScript but I'm thinking it might be best to get Foxit Reader 3.0. If I decide to go with Foxit Reader am I going to be able to read all PDFs?


Yes, you should be able to read all PDFs just as you could would Adobe Reader.

As you can tell, I am no at all knowledgeable about any of this. Also, what do I need to know about uninstalling Adobe Reader and all its files?


In Control Panel, "add/remove programs" or "Programs and Features", you can uninstall it.

I would re-boot at that point, and then install Foxit Reader. While probably not necessary, it is always a good practice, in my opinion. Every once in awhile an uninstall may not go well, and this helps avoid any problem.

Enjoy.


I know you think you understand what you thought I said,
but I'm not sure you realize that what you heard is not what I meant!


#7 Guest_Jay-P VIP_*

Guest_Jay-P VIP_*

  • Guests
  • OFFLINE
  •  

Posted 23 February 2009 - 11:17 PM

It sounds like a good recommendation to install Foxit reader and use it instead or Adobe Reader. Thanks for the tips, friends!

#8 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg

Posted 24 February 2009 - 12:35 AM

I switched to PDF X-Change Viewer. The Programme just offers even more features and is freeware too :thumbsup:. Of course it will avoid the adobe vulnerability, but the more popular software gets, the more likely it becomes targeted in the long run too.

-edit- a feature overview here: http://www.docu-track.com/FeatureChartEU.pdf

Edited by Yourhighness, 24 February 2009 - 12:37 AM.

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#9 Guest_Jay-P VIP_*

Guest_Jay-P VIP_*

  • Guests
  • OFFLINE
  •  

Posted 24 February 2009 - 12:36 AM

Oh. Nice added idea to the mix! :thumbsup:

#10 crzyallday0514

crzyallday0514

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Phoenix, Arizona
  • Local time:04:23 PM

Posted 24 February 2009 - 12:58 AM

Thanks for your help and especially the suggestion about re-booting. Nice to know you're keeping "an eye out...". :thumbsup: Almost jumped out of my seat when I saw that thing. Oops, I hope that's not your real eye...if so, it's a real nice one.

"Music expresses that which cannot be said
and on which it is impossible to be silent."
-Victor Hugo


#11 Guest_Jay-P VIP_*

Guest_Jay-P VIP_*

  • Guests
  • OFFLINE
  •  

Posted 24 February 2009 - 12:58 AM

Check this out

Adobe flaw appeared last month!

#12 Lloyd T

Lloyd T

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada

Posted 24 February 2009 - 04:25 PM

Hmm..Adobe Reader is starting to look like cheese...I should really consider replaicing it with another alternative.

#13 Guest_Jay-P VIP_*

Guest_Jay-P VIP_*

  • Guests
  • OFFLINE
  •  

Posted 24 February 2009 - 09:20 PM

:thumbsup: That made my day!

#14 crzyallday0514

crzyallday0514

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Phoenix, Arizona
  • Local time:08:23 AM

Posted 25 February 2009 - 03:54 PM

Okay, I've uninstalled Adobe Reader and preparing to download Foxit 3.0. Went on site and there are 3 files and don't know which I'm supposed to download. 3 files are: installer.exe (which I know I have to have); Zip package, and .msi. I'm thinking the Zip package will have everything I need but got confused because there were 3 downloads. Sure ya'll are getting really tired of having to answer my questions, but OMG how I do appreciate it!!

"Music expresses that which cannot be said
and on which it is impossible to be silent."
-Victor Hugo


#15 Guest_Jay-P VIP_*

Guest_Jay-P VIP_*

  • Guests
  • OFFLINE
  •  

Posted 25 February 2009 - 03:57 PM

Use the installer if you want the work done for you.

Use the zip file if you want to scan the files of this program before it is installed. (Advantage of Zip files is the ability of scanning files before they are installed, prevents malware invasions)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users