Adobe's security team notes new serious vulnerability

April 30, 2009


Adobe has issued a warning to its users in regard to what it termed a "serious vulnerability" that affects Windows, Mac and Unix users of Adobe's Acrobat Reader Software.

The vulnerability employs a JavaScript error which can enable malicious code execution on any of the operating systems mentioned above.

Adobe has advised users to disable JavaScript in Adobe Reader and Acrobat until a patch is released for the flaw. The company has not stated when a patch will be ready for the vulnerability.

In the security advisory Adobe said "All currently supported shipping versions of Adobe Reader and Acrobat (Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions) are vulnerable to this issue."

For now, the company recommends disabling the JavaScript option by the following steps:

  1. Open Acrobat or Adobe Reader
  2. Select "Edit" Preferences
  3. Choose JavaScript Category
  4. Uncheck the "Enable Acrobat JavaScript" option
  5. Click OK and exit

In regard to other PDF readers and this particular vulnerability Graham Cluley of Sophos noted this on his blog, "As we predicted in the Sophos 2009 Security Threat Report, hackers are increasingly looking at commonly used browser plugins like Adobe Flash and PDF in their attempts to infect innocent computer users."

Cluley also noted that while it might be a temporary fix to switch to another PDF reader, "if everyone switched en masse to the same alternative to Adobe Reader, we'd all be in the same pickle again."

Other security advisors are suggesting that JavaScript be removed from PDF Readers completely as a permanent solution.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Five visions of a PDF Day

In the world of PDFs or as we like to say Planet (of) PDF, a year isn't a real PDF year without an intense few days of industry knowledge sharing.

May 15, 2018
Platinum Sponsor

Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.


Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.