Adobe Acrobat Hit Again

It’s true.

Adobe Acrobat is vulnerable once again. This is getting ridiculous. They have enough money to buy up software companies but yet they can’t invest the time and money to harden their existing products?

They worked so hard to get everyone to use their software. It’s standard on computer installs now. Who doesn’t have Adobe Acrobat Reader on their computer?

With this latest “hole”, I’ve started looking for alternatives and I’ll let you know if and when I find one. But in retrospect, I’d rather stay with a company that is solidly locked into the software market and has a lot to lose if they don’t fix their vulnerabilities, than one that might be a fly-by-night company and leaves me standing out in the cold.

Many in the security community have even coined an acronym for this scenario – YAPE (Yet Another PDF Exploit). You know things are bad when the security community assigns an acronym to it.

Adobe is again recommending that you disable Javascript in Adobe Acrobat. If you followed my instructions last time, you still have Javascript disabled so you’re safe. If for some reason, you didn’t read my last warning about Adobe Acrobat here are the steps to follow:

To turn off Javascript follows these steps:

  1. Launch Adobe Acrobat Reader
  2. Select Edit -> Preferences
  3. Select the Javascript category
  4. Uncheck the “Enable Acrobat Javascript” option
  5. Click “Ok”

It begs the question, “Why does anyone need Javascript in a reader for locked files anyway?” To me, it’s technology looking for a reason.

When Adobe first introduced the Javascript ability, I looked for a way to turn it off. I don’t need it. I don’t want something in my software that allows other people to control what I’m doing.

As of this writing, Adobe is working on a patch. All versions of Adobe Acrobat, on every platform; Mac, Linux and Windows are vulnerable.

I will keep you updated on this situation or you can follow it on Adobe’s website here:

http://www.adobe.com/support/security/

As always, I recommend you apply the patch as it becomes available as this exploit will allow an attacker to remotely execute commands on your computer and the exploit code is already available.

Our honeypots have not detected any new waves of infectious PDFs in the wild – yet. But sure as, well you know, they will be forth coming.

Please feel free to pass the link to this posting to your friends and family.