ADOBE Acrobat and Reader issue/Norton Protection

I read the information provided by Norton on the  Adobe 0-day OR Trojan.Pidief.E issue. I really don't want to mess with thesecurity settings of my adobe program (ie. turn off java script) I notice the other suggestions indicates

 


Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk.

 

By Norton security protection are they meaning only the NIS product or would that include NAV2008 as well?

http://www.symantec.com/norton/theme.jsp?themeid=trojan-pidief-vulnerability

 

under the section

Who is at Risk

I looked at the link you provided and under how to stay protected it said run a great security suite- that could be any GOOD security suite. You are fine

I was caught, excuse the pun, by the semantics. Not sure if they meant security product like NAV2008 or security suite such as NIS


NY1986 wrote:
I was caught, excuse the pun, by the semantics.

Good one LOL :smileyvery-happy:

 


NY1986 wrote:
Not sure if they meant security product like NAV2008 or security suite such as NIS

Well... my interpretation of the Norton sentence "Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk" would be (since they didn't capitalize the "s" in the word "security"), that their use of the word "security" is intended to apply to all [recent] Norton products whose purpose is to help increase computer-security & control malware etc., and not to only apply to products that specifically had the word "security" in their name (such as Norton Internet Security). It's an interesting question you pose though, now that I think about it...

Actually, down at the bottom, the writer recommended Norton Internet Security or Norton 360.  This might indicate a preference for a suite.


delphinium wrote:
Actually, down at the bottom, the writer recommended Norton Internet Security or Norton 360.

The page has changed. You're right, it does say that now (at the time of this writing) in several places, including the first paragraph, all in bold orange font too...

 


delphinium wrote:
This might indicate a preference for a suite.

Well, that would be my preference (from my point of view as a regular non-expert computer user), just because of the extra protection that's already built-in to things such as Norton Internet Security, such as firewall and whatever the other differences might be (for Windows, I've only used Norton Internet Security; no experience with other Norton products for Windows). Does Norton 360 have a firewall? (don't know). Anyway I have no idea whether or not such things as firewalls are applicable to the Adobe thing, but hey... can't hurt, right. :smileywink: :smileyhappy:

 

Edited because of my confusion about exactly what Norton 360 does or doesn't contain. I just looked at the Symantec page at http://www.symantec.com/norton360/about/index.jsp and searched the entire page for the word "firewall" and didn't see it... maybe it doesn't matter.

 

Message Edited by j2000 on 03-07-2009 07:25 PM

Hi folks,

 

Just to clear up any confusion, Norton 360 does have a firewall.

 

Check this link for the complete specs.


Phil_D wrote:

Hi folks,

 

Just to clear up any confusion, Norton 360 does have a firewall.

 

Check this link for the complete specs.


You're right - thanks :smileyhappy:

 

Bottom line. If you run a good AV and a good firewall and you are fully uipdated you should be fine


Stu wrote:
Bottom line. If you run a good AV and a good firewall and you are fully updated you should be fine

Let's also hope that one's AV of choice is also capable of dealing with the following:

From http://www.theregister.co.uk/2009/03/05/click_free_pdf_peril/

Zero-day Adobe PDF peril goes click free.

 

"...simply hovering the mouse cursor over a booby-trapped file, or selecting it, are enough to allow the bust out of potentially malicious code. Selecting a thumbnail view poses a similar risk."

 

(bold mine)

Apparently Adobe is dragging their feet and can't be bothered with releasing a patch for the previous vulnerabilities until March 11.

 

Interesting quote from the Adobe security blog :

"...the vulnerability is not in the scripting engine and, therefore, disabling JavaScript does not eliminate all risk."

Hmm.. okaaayyyy...

 

FWIW, the above Adobe link (http://blogs.adobe.com/psirt/) lists a whole bunch of Norton products as being able to "provide protections and information regarding this vulnerability". Presumably Adobe is referring to the already-being-exploited vulnerabilities, not the newly-discovered "click-free" or thumbnail vulnerabilites mentioned by The Register?

 

I read the information provided by Norton on the  Adobe 0-day OR Trojan.Pidief.E issue. I really don't want to mess with thesecurity settings of my adobe program (ie. turn off java script) I notice the other suggestions indicates

 


Anyone who has installed Adobe Acrobat or Adobe Reader and does not have Norton security protection is at risk.

 

By Norton security protection are they meaning only the NIS product or would that include NAV2008 as well?