• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos2 Stats

Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Targeted PDFs Used as Exploits - https://forums.symantec.com/t5/blogs/blogarticlepage/blog-id/vulnerabilities_exploits/article-id/188.

If Users think that they are Infected, they can Submit Files to symantec Security Response via this Web Link: https://submit.symantec.com/websubmit/retail.cgi.

Adobe plans to Release Patches around about March 11, 2009 for Affected Products.

Message Edited by Floating_Red on 02-20-2009 03:40 PM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]

Replies

Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Thanx Floating. Great contribution
"All that we are is the result of what we have thought"
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

This is an example of how Norton steps in to protect when other programs have security vulnerabilities, isn't it?

I read that ADOBE won't have a security update until March, but Norton is filling in the security gap. Am I undertanding this correctly?

Also andy sense about what websites may be promoting this exploit? Any legit/Normal sites found to be involved?

Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability


NY1986 wrote:

This is an example of how Norton steps in to protect when other programs have security vulnerabilities, isn't it?

I read that ADOBE won't have a security update until March, but Norton is filling in the security gap. Am I undertanding this correctly?

Also andy sense about what websites may be promoting this exploit? Any legit/Normal sites found to be involved?


As long as you keep your Anti-Virus Product up-to-date, then you will be Protected, but not totally protected - although, Intrusion Prevention should have you covered, as well as the Firewall* - until Adobe Release the Patches, so, just be careful out there!  But yeah, if you keep your Anti-Virus Product up-to-date, you will be covered most of the time.  =)

* - Norton AntiVirus 2009 does not have the symantec Firewall for Norton Products

_______________________________________________________________________________

Thanks, Stu!  :)

Message Edited by Floating_Red on 02-20-2009 10:20 PM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Note the suggestion to disable javascript within Adobe / Acrobat as some protection.

Just be careful before you open any email attachments .... even more careful!

Hugh
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

http://www.symantec.com/business/security_response/vulnerability.jsp?bid=33751.

Message Edited by Floating_Red on 02-25-2009 11:04 PM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Hugh
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Hi Hugh

How do you disable javascript in Adobe? I'm not sure where you go to do that.Any help /explanation would be great for us who don't know these things!

And it will be greatly recieved with many thanks!

Cheers Mo Windows 7 64 bit, NIS2013
Kudos1 Stats

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Hi mo,

I hope you don't mind me answering in place of huwyngr.

Open Adobe Reader. On the top menu bar go to Edit > Preferences.  Scroll down under "Categories" and click on JavaScript.

Uncheck the top item "Enable Acrobat JavaScript".  Click OK and exit.

Hope that helps.

"Anyone who isn't confused really doesn't understand the situation."   Edward R. Murrow
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Hi Phil

No I don't mind(will hugh??)Thanks,would it be worthwhile to tag that as under Adobe/security PDF?

Cheers Mo Windows 7 64 bit, NIS2013
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability


mo wrote:

....  would it be worthwhile to tag that as under Adobe/security PDF?


Good idea - done.

"Anyone who isn't confused really doesn't understand the situation."   Edward R. Murrow
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

Thanks for answering and also for picking up and PMing me that the link in my message did not work.

Here's the URL for SANS.ORG that should:

http://isc.sans.org/diary.html?storyid=5926

Hugh
Kudos0

Re: Adobe Reader P.D.F. File Handling Remote Code Execution Vulnerability

I hope everyone reads that link as it describes that disabling JavaScript does not guarantee 100% protection.
"Anyone who isn't confused really doesn't understand the situation."   Edward R. Murrow

This thread is closed from further comment. Please visit the forum to start a new thread.