I read the information provided by Norton on the Adobe 0-day OR Trojan.Pidief.E issue. I really don't want to mess with thesecurity settings of my adobe program (ie. turn off java script) I notice the other suggestions indicates
Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk.
By Norton security protection are they meaning only the NIS product or would that include NAV2008 as well?
I looked at the link you provided and under how to stay protected it said run a great security suite- that could be any GOOD security suite. You are fine
NY1986 wrote: I was caught, excuse the pun, by the semantics.
Good one LOL
NY1986 wrote: Not sure if they meant security product like NAV2008 or security suite such as NIS
Well... my interpretation of the Norton sentence "Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk" would be (since they didn't capitalize the "s" in the word "security"), that their use of the word "security" is intended to apply to all [recent] Norton products whose purpose is to help increase computer-security & control malware etc., and not to only apply to products that specifically had the word "security" in their name (such as Norton Internet Security). It's an interesting question you pose though, now that I think about it...
delphinium wrote: Actually, down at the bottom, the writer recommended Norton Internet Security or Norton 360.
The page has changed. You're right, it does say that now (at the time of this writing) in several places, including the first paragraph, all in bold orange font too...
delphinium wrote: This might indicate a preference for a suite.
Well, that would be my preference (from my point of view as a regular non-expert computer user), just because of the extra protection that's already built-in to things such as Norton Internet Security, such as firewall and whatever the other differences might be (for Windows, I've only used Norton Internet Security; no experience with other Norton products for Windows). Does Norton 360 have a firewall? (don't know). Anyway I have no idea whether or not such things as firewalls are applicable to the Adobe thing, but hey... can't hurt, right.
Edited because of my confusion about exactly what Norton 360 does or doesn't contain. I just looked at the Symantec page at http://www.symantec.com/norton360/about/index.jsp and searched the entire page for the word "firewall" and didn't see it... maybe it doesn't matter.
"...simply hovering the mouse cursor over a booby-trapped file, or selecting it, are enough to allow the bust out of potentially malicious code. Selecting a thumbnail view poses a similar risk."
(bold mine)
Apparently Adobe is dragging their feet and can't be bothered with releasing a patch for the previous vulnerabilities until March 11.
"...the vulnerability is not in the scripting engine and, therefore, disabling JavaScript does not eliminate all risk."
Hmm.. okaaayyyy...
FWIW, the above Adobe link (http://blogs.adobe.com/psirt/) lists a whole bunch of Norton products as being able to "provide protections and information regarding this vulnerability". Presumably Adobe is referring to the already-being-exploited vulnerabilities, not the newly-discovered "click-free" or thumbnail vulnerabilites mentioned by The Register?
I read the information provided by Norton on the Adobe 0-day OR Trojan.Pidief.E issue. I really don't want to mess with thesecurity settings of my adobe program (ie. turn off java script) I notice the other suggestions indicates
Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk.
By Norton security protection are they meaning only the NIS product or would that include NAV2008 as well?