Friday, April 09, 2010

Another Adobe Attack Vector Expected

The ubiquitous Adobe Acrobat is back in the security spotlight with another attack vector discovered by a security researcher this week. The flaw was first discovered by Belgian security researcher Didier Stevens and can be exploited with the "/Launch" function built into Adobe Reader.

Unlike the recent JavaScript flaw, this one requires a bit of social engineering. A user must be tricked into opening a malicious PDF file. Details with a proof-of-concept are on Stevens' blog.

Adobe is aware of the issue, but it was discovered too late to be included in next week's patch cycle for security fixes. In the meantime, security experts are recommending turning off the Launch feature in Reader. This was the same approach recommended for the JavaScript security bug.

To turn off the potentially threatening feature in Adobe Reader 9.3, the most current version, go to Edit > Preferences > Trust Manager and uncheck the box labeled "Allow opening of non-PDF file attachments with external applications".
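Where the preference cannot be changed on every desktop right away, incoming PDFs can also be triaged for the "/Launch" name before users open them. The following is an added example, not code from this post or from Stevens' blog; the function names and the sample bytes are constructed for illustration, and the samples carry no file or command to launch.

```python
import re

# A PDF name is "/" followed by regular characters; since PDF 1.2 any
# character in a name may be written as #xx (two hex digits), e.g. /L#61unch.
NAME_RE = re.compile(rb"/([^\x00\t\n\f\r ()<>\[\]{}/%]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")

# Constructed sample inputs: minimal PDF-like fragments, not real documents.
SAMPLE_PLAIN = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /Action /S /Launch >>\nendobj\n"
)
SAMPLE_ESCAPED = SAMPLE_PLAIN.replace(b"/Launch", b"/L#61unch")
SAMPLE_BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"


def decode_name(raw: bytes) -> bytes:
    """Resolve #xx escapes so differently spelled names compare equal."""
    return HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def find_launch_actions(data: bytes) -> list:
    """Return one record per /Launch name found in the raw file bytes.

    Limitation: objects stored inside compressed streams are invisible to
    a raw byte scan, so a clean result is not proof the file is safe and
    a hit is a reason to quarantine and inspect, not a verdict.
    """
    hits = []
    for m in NAME_RE.finditer(data):
        raw = m.group(1)
        if decode_name(raw) == b"Launch":
            hits.append({"offset": m.start(), "raw": b"/" + raw,
                         "obfuscated": raw != b"Launch"})
    return hits


if __name__ == "__main__":
    for label, blob in [("plain", SAMPLE_PLAIN), ("escaped", SAMPLE_ESCAPED),
                        ("benign", SAMPLE_BENIGN)]:
        print(label, find_launch_actions(blob))
```

A hit with `obfuscated` set to true deserves extra attention, since ordinary PDF producers have no reason to hex-escape the letters of an action name.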

