Zero Day: Acrobate Reader Still Out There
Thursday, March 12, 2009 at 09:05AM
drStrangeP0rk in Acrobat Exploits

Adobe's current fix does not fix the actual vulnerability but you should update to version 9.1. At the firewall level it may be prudent to block PDF's from un-trusted sources. The Zero Day PDF has malicious code that can exploit a buffer overflow allowing execution of code on your system. First up you should not have JavaScript enabled, if it is disable it right away. This exploit may crash Reader if you disable JavaScript but it will be unable to install the malicious code onto your system. 

One important aspect of defense against this exploit is education of users, make sure to review attachment policies and procedures. Users should not open any documents from un-trusted or unknown sources. (Make sure that your policies and procedures give users clear guidance including case examples.) Trust and un-trusted sources can be filtered at the external fire wall which you should be doing already. 

 

CVE number: CVE-2009-0658

Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.