Saturday, September 18, 2010

Serious Vulnerability in Adobe PDF Reader

Avoid opening a PDF file until you fix this! A carefully crafted PDF file can allow an attacker to take over your computer.

If you are a Windows user, it's best not to open any PDF files until you install EMET (see the link below).

On the Mac (OS X) the Preview app, as far as I've been able to find so far, is not vulnerable.  I've yet to find what seems like an authoritative, definitive statement.

From Adobe's announcement for CVE-2010-2884:

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system.

Here are some other discussions and important information.

From Softpedia

From Computerworld — The article is actually a debate over whether this is a return of the so-called “Google attackers”, but it also has a good summary of the attack background and activity.

In this Buzz, Robert Bayardo explains how to go to chrome://plugins and activate the built-in PDF viewer, which is not vulnerable.

Microsoft has released EMET 2.0 (Enhanced Mitigation Experience Toolkit), which offers some protection on Windows systems and should be installed. If you are a Windows user, it is important that you install this!

Sophos security advisory APSA10-02