CERT mailing list archives
Current Activity - Adobe Reader and Acrobat Remote Code Execution Vulnerability
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 15 Dec 2009 10:43:00 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Adobe Reader and Acrobat Remote Code Execution Vulnerability Original release date: December 15, 2009 at 10:29 am Last revised: December 15, 2009 at 10:29 am Adobe has stated that they are investigating public reports of a vulnerability affecting Adobe Reader and Acrobat. Public reports indicate that exploitation of this vulnerability may occur when a user opens a specially crafted PDF file. Exploitation of this vulnerability may result in arbitrary code execution. Public reports currently indicate active exploitation of this vulnerability. US-CERT encourages users and administrators to do the following to help mitigate the risks until the vendor is able to provide an update: * Review the Adobe blog entry regarding this issue. * Use caution when opening PDF files from untrusted sources. * Disable JavaScript in Adobe Acrobat and Reader. To do this, click "Edit," then "Preferences" and then "JavaScript," and uncheck "Enable Acrobat JavaScript." US-CERT will provide additional information as it becomes available. Relevant Url(s): <http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html> ==== This entry is available at http://www.us-cert.gov/current/index.html#adobe_reader_and_acrobat_remote -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSyeudducaIvSvh1ZAQI26Qf/SDsb7TQsre1zgWltb0BmBEnet1QRWiOY AJJTqVr35ugqBR8FSLiu1Paw7fACy028T2eoaKLGcJsBWOlU79oX2/dhIQdx/PQ/ CMTTdhuz3CoHA5/8BcUVXld3ZYKlKZxPb1dYGEhTb9mA0BFJiKTjqNTfJ5Km8rsy Md70SYlXxeniwwTkliVVpi87zuBMtgdqxSZNMl9IBjU4qWteqh1TTR0i++st/+hD lpouebay7CCKG2eiVXnW4zEXe6OGBH7E1ttTC8maGPdiqEcFdbtDUQM4tC5yZgGh oGqfVx/egvkNrmHqKwDl1BGm7Wvc+aeFJ+lKH0Rnixa5CdVobhVikQ== =HeOY -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Adobe Reader and Acrobat Remote Code Execution Vulnerability Current Activity (Dec 15)
- <Possible follow-ups>
- Current Activity - Adobe Reader and Acrobat Remote Code Execution Vulnerability Current Activity (Dec 16)