Sunday, February 22, 2009

Shadowserver Foundation - Calendar - 2009-02-19

The Shadowserver Foundation has recently become aware of a very severe vulnerability in Adobe Acrobat affecting versions 8.x and 9 that is currently on the loose in the wild and being actively exploited.

We would HIGHLY recommend that you DISABLE JAVASCRIPT in your Adobe Acrobat [Reader] products. You have the choice of small loss in functionality and a crash versus your systems being compromised and all your data being stolen. It should be an easy choice.

Disabling JavaScript is easy. This is how it can be done in Acrobat Reader:

Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

Like I've said to my friends and co-workers, "There is nothing wrong with Acrobat Reader 5.x. It works with 90% of everything on the web!"


Shadowserver Foundation - Calendar - 2009-02-19

No comments: