Adobe Issues Advisory for Acrobat, Reader Exploit

By Kara Reeder | Dec 16, 2009 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/adobe-issues-advisory-acrobat-reader-exploit

PCMag.com reports that Adobe has issued an advisory for the zero-day vulnerability that affects all versions of Acrobat and Reader on all platforms. The vulnerability, which was first reported earlier this week, is considered critical as it could allow remote code execution.

According to the advisory, Adobe plans to make an update available for Adobe Reader and Acrobat by Jan. 12, 2010 to resolve the issue. Until then, there are a number of things users can do to mitigate the threat:

  1. Enable Data Execution Prevention (DEP) for Acrobat or Reader on versions of Windows.
  2. Disable JavaScript.
  3. Utilize the JavaScript Blacklist Framework.