Critical Security Vulnerability in Adobe Acrobat Reader
Feb 25th, 2009 by Micheal Espinola Jr
Adobe has recently announced that there is a critical security vulnerability in their Acrobat and Reader products, and that they will be unable to release a patch for the issue until March 11, 2009. This is a serious security issue that affects all current versions of Acrobat and Reader, going back to 2005 (which includes versions 7 through the current version 9.) Adobe Acrobat and Reader are the applications used to create and view .PDF files.
To help reduce the exposure you have to this security vulnerability, please make the following changes from within the Acrobat and Reader applications:
- Launch Adobe Acrobat or Adobe Reader
- Select Help → Update
- After the update has completed (if necessary), complete the next steps within the application:
- Select Edit → Preferences
- Select the JavaScript Category
- Un-check the “Enable Acrobat JavaScript” option
- Click OK
Please note: These steps will not protect you completely from the security issue, but it will lessen the potential for being hacked. The actual fix for this issue is scheduled for release by Adobe on March 11, 2009. Until then, as with other files you may download from the Internet, you must be careful and diligent regarding the source of any file you choose to transfer to and open on your computer.
Because of the lack of a patch or update for such an extended period of time, everyone needs to be particularly careful when opening PDF documents from potentially untrustworthy web sites on the Internet, via email, or from other sources.
Feel free to reuse the following text in your own notifications, as I wrote it to notify users within my company. It would be nice of you to send me a hello/thanks comment if you do! Sphere: Related Content