bit-tech.net

Adobe Acrobat, Reader under attack


Adobe's Reader - and Acrobat - are being actively targeted by crackers exploiting an as-yet unrevealed security flaw.

Adobe has confirmed that it has received reports regarding a flaw in its Acrobat Reader PDF viewing software being actively exploited by crackers.

In a posting to its Product Security Incident Response Team blog, Adobe has stated that it has "received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild," and explains that it is investigating the issue while "assessing the risk to our customers."

While the ne'er-do-wells might have the information they need to attack systems running vulnerable versions of the software, system administrators are finding themselves on the back foot due to a lack of information available on the 'net regarding the issue: with no details forthcoming, either from Adobe or on the common security mailing lists, it's a guessing game as to what the vulnerability might be - along with how to prevent or mitigate the attack vector, beyond simply uninstalling Adobe Reader and Acrobat from your system.

Regarding the veil of secrecy, Adobe's Wiebke Lips explained that "the reports [of the vulnerability] came to [Adobe] PSIRT directly from partners in the security community," who have chosen to allow Adobe time to patch the flaw before releasing details of the attack.

Despite the lack of details, it seems fair to assume that the flaw comes from Adobe Reader and Acrobat's handling of embedded JavaScript: as early as October a similar flaw was being actively exploited, for which the 9.2 release was supposed to be a permanent fix. This attack itself came hot on the heels of another flaw in July which affected both Adobe Reader and the company's Flash Player packages, itself a short jump from a zero-day exploit targeting Adobe Reader's JavaScript engine once more. As if that wasn't enough, JavaScript security issues were at the root of another zero-day attack back in February - and these just represent the major security holes discovered in the company's software this year.

Until Adobe releases more information regarding the attack, the recommendations are to ensure that PDF files are opened only from a trusted source; disable the JavaScript engine within Reader and Acrobat from the Preferences menu; or to seek an alternative viewer for PDF files.

Are you disappointed to see yet another serious vulnerability in Adobe's software, or does the news of yet another Reader flaw surprise you not a jot? Share your thoughts over in the forums.

15 Comments

Skiddywinks 15th December 2009, 15:06
Christ. Again?
scawp 15th December 2009, 15:08
FoxIt - http://www.foxitsoftware.com/pdf/reader/

Works far better than Adobe's piece of crap, only 5MB as well.
Ryun 15th December 2009, 15:28
Quote:
Originally Posted by scawp
FoxIt - http://www.foxitsoftware.com/pdf/reader/

Works far better than Adobe's piece of crap, only 5MB as well.

I wouldn't say that. The UI is 'eh' and the plugin is hit or miss. I like its benefits over my issues with it -- and I do use it over Acrobat -- but I don't think it's better than Acrobat for people who just want the software to work (I'm referring to the plugin mainly here).
dicobalt 15th December 2009, 16:37
Wherever JavaScript goes, bad security tags along. You can blame the majority of serious browser vulnerabilities across all browsers and platforms on JavaScript. That is why NoScript functionality should be a standard feature in ANYTHING that uses JavaScript. It's like UAC for the web.
whiskers 15th December 2009, 17:09
Quote:
Originally Posted by scawp
FoxIt - http://www.foxitsoftware.com/pdf/reader/

Works far better than Adobe's piece of crap, only 5MB as well.

After Foxit installed Ask toolbar on my computer even though I checked "no" I decided to search for yet another alternative - http://www.docu-track.com/home/prod_user/PDF-XChange_Tools/pdfx_viewer

It's even faster than Foxit, has a much nicer looking user interface, and WILL save your changes like highlights and underlines (though I only READ PDFs occasionally)
bogie170 15th December 2009, 17:39
Adobe = Bloatware.

Foxit +1

:)
l3v1ck 15th December 2009, 17:44
Quote:
Originally Posted by dicobalt
That is why NoScript functionality should be a standard feature in ANYTHING that uses JavaScript. It's like UAC for the web.
+1
thehippoz 15th December 2009, 17:58
it's adobe's fault.. they need to make sure when someone issues a System.Shell.execute, it's handled correctly
DarkLord7854 15th December 2009, 18:14
Adobe are really bad about this stuff..
ffjason 15th December 2009, 20:09
Quote:
Originally Posted by bogie170
Adobe = Bloatware.

Foxit +1

:)

+1

Adobe 150MB+ hard drive -- Foxit ~10MB
Adobe loads 1-2 minutes -- Foxit in 1-2 seconds
Adobe ram usage ~500MB -- Foxit ~150MB
(same document)

I could go on.

Another alternative is Sumatra PDF which is a tiny program however it has RAM leakage problems and I have seen ram usage 1GB+ for large files (same document as above). Otherwise a brilliant program though.
Quote:
Originally Posted by Ryun
I wouldn't say that. The UI is 'eh' and the plugin is hit or miss. I like its benefits over my issues with it -- and I do use it over Acrobat -- but I don't think it's better than Acrobat for people who just want the software to work (I'm referring to the plugin mainly here).

Never had any problems with the Foxit plugin in Firefox or Chrome - what the hell are you trying to open? I actually found it to be better and less buggy than Adobe's. Although I had stopped using it way before Adobe started installing stuff I didn't want it to, that was the final straw. If I install a program I only want to have to uninstall that one program, not two or more!? In addition to that Adobe doesn't "just work" - have you seen how many exploits have been targeted at it? Using a less popular browser/PDF viewer etc always helps to avoid these vulnerabilities as exploit creators don't target them!
Quote:
Originally Posted by whiskers
After Foxit installed Ask toolbar on my computer even though I checked "no"

Also never had this issue and I have installed it over 100 times - are you sure you unticked it?
LucusLoC 15th December 2009, 20:32
i hate adobe products. 90+ mb for a reader? what on earth for! someone please tell me! and their other products are just as bloated and broken. how did they manage to become an industry standard?!
samkiller42 15th December 2009, 21:38
OSX's preview program opens PDFs, which is handy, but Windows still chugs along with Adobe, but with my system specs, it's not the end of the world. But it's nice to see another company being targeted over Microsoft, kinda feel sorry for MS, hum, ah well.

Sam
Aracos 16th December 2009, 05:31
Sumatra PDF anyone? http://blog.kowalczyk.info/software/sumatrapdf/download.html

1.2MiB Zip file FTW my friends!
Digi 16th December 2009, 09:45
CutePDF here. No hassles.
forum_user 22nd June 2012, 18:30
Sorry for reanimation of long dead thread. I did a search and this was the closest thread to represent my question.

I need an alternative to Adobe Reader. Is there any software out there that is simple and malware/bloatware/adware free, and that will not want to update itself all the time?