Friday, December 18, 2009

Disable JavaScript in Adobe Acrobat

Adobe has recently confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could potentially allow an attacker to take control of the affected system. It is being actively exploited in the wild.

The vulnerability, which occurs in a JavaScript function in Adobe Acrobat and Reader, allows the attacker to invisibly run a program on the affected computer when the victim opens a PDF file containing exploit code.

No patch has been released for this vulnerability yet; one is likely to be released next year. Users can still mitigate the problem by disabling JavaScript in Adobe Reader and Acrobat with the steps below.

1. Launch Acrobat or Adobe Reader.
2. Select Edit > Preferences
3. Select the 'JavaScript' Category
4. Uncheck the 'Enable Acrobat JavaScript' option
5. Click OK
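
To apply the same setting without clicking through the dialog on every machine, the script below is an added example and not part of the original post or any Adobe tooling. It assumes the checkbox is stored per user as the DWORD `bEnableJS` under `HKCU:\Software\Adobe\<product>\<version>\JSPrefs`; confirm that location on a test machine before rolling it out. The function name `Disable-AcrobatJavaScript` is made up for this example.

```powershell
# Added example: turn off "Enable Acrobat JavaScript" for the current user.
# Assumption: the preference is the DWORD bEnableJS (0 = off) under
# HKCU:\Software\Adobe\<product>\<version>\JSPrefs. Verify before deploying.

function Disable-AcrobatJavaScript {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]   $Root     = 'HKCU:\Software\Adobe',
        [string[]] $Products = @('Acrobat Reader', 'Adobe Acrobat')
    )

    foreach ($product in $Products) {
        $productKey = Join-Path $Root $product
        if (-not (Test-Path $productKey)) { continue }   # product not installed

        # One subkey per installed version; ignore anything that is not a version.
        $versions = Get-ChildItem $productKey |
            Where-Object { $_.PSChildName -match '^\d+\.\d+$' }

        foreach ($version in $versions) {
            $jsPrefs = Join-Path $version.PSPath 'JSPrefs'
            $before  = (Get-ItemProperty -Path $jsPrefs -Name bEnableJS `
                            -ErrorAction SilentlyContinue).bEnableJS

            if ($PSCmdlet.ShouldProcess("$product $($version.PSChildName)", 'Set bEnableJS = 0')) {
                # Create the key if it is missing, then force the value to 0.
                if (-not (Test-Path $jsPrefs)) { New-Item -Path $jsPrefs -Force | Out-Null }
                New-ItemProperty -Path $jsPrefs -Name bEnableJS -PropertyType DWord `
                    -Value 0 -Force | Out-Null
            }

            $after = (Get-ItemProperty -Path $jsPrefs -Name bEnableJS `
                          -ErrorAction SilentlyContinue).bEnableJS

            # Report what changed so the result can be logged or audited.
            New-Object PSObject -Property @{
                Product = $product
                Version = $version.PSChildName
                Before  = $(if ($null -eq $before) { '(not set)' } else { $before })
                After   = $(if ($null -eq $after)  { '(not set)' } else { $after })
            }
        }
    }
}

Disable-AcrobatJavaScript | Format-Table Product, Version, Before, After -AutoSize
```

Run it with `-WhatIf` first to see which versions would be touched. Because the value lives under HKCU, it has to run once for each user profile, for example from a logon script.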

However, some security firms and research groups claim that attacks using this vulnerability have been limited in number. It seems that hackers these days are focusing on targeted attacks (against specific governments, companies and organisations) to get the most value out of a vulnerability before it is exposed and patched.

For more findings on this vulnerability and exploit, visit my research blog @ w01f labs

Related report:
- SecurityFocus - Limited attacks target Adobe Acrobat


commandrine said...

I avoid Adobe Reader altogether by not having it installed on my systems. I use other methods of viewing PDF documents.

w01f said...

Any good software that you use to view PDF to share? Google Doc?

commandrine said...

Google Docs is one option. In Windows, I also use Sumatra PDF Portable.
Ubuntu natively supports viewing of PDF docs via "Document Viewer".