A new vulnerability in Adobe Reader 9 is currently being exploited by malicious PDF files in targeted attacks. Adobe are planning to release an out-of-cycle (unexpected) security fix this week (starting December 12th) for all versions of Adobe Reader 9 (and Acrobat).
Note that this fix will only apply to version 9 – NOT the current version of Adobe Reader (or Acrobat) which is version X (i.e. version 10). The rationale behind not fixing X is partly to save time (and not delay the fix for Reader 9) but also because users of Reader X should be protected from this exploit because X includes Protected Mode…
If you use Adobe Reader/Acrobat X – you must check if Protected Mode is switched on:
- Open Adobe Reader. In the menu bar select Edit \ Preferences \ General and then verify that “Enable Protected Mode at startup” is checked (ticked). If it isn’t then tick it and save your change.
Whilst in the Preferences options, follow these steps to further secure Adobe Reader against virus infected PDF files:
- Disable Windows Trusted Sites – click on the Security (Enhanced) category and untick ‘Automatically trust sites from my Win OS security zones’.
- Secure Trust Manager – click on the Trust Manager category and untick ‘Allow opening of non-PDF file attachments with external applications’.
The fix for Adobe Reader X and Acrobat X is planned with the next standard security update scheduled for January 10, 2012. I can understand Adobe not updating X now as only version 9 has been targeted by this vulnerability to date but to suggest that it’s not a problem for X because it has inbuilt protection – and then fix it next month anyway seems a little odd to me…
If you use Adobe Reader/Acrobat 9 – rather than wait for this fix, you really should update to version X immediately – Adobe claim “to date, there has not been a single piece of malware identified that is effective against a version X install. Help us help you by running the latest version of the software!”.
You can download the latest Reader X from Adobe here – remember to untick the bundled McAfee Security Scan if you don’t want it. After installing Reader X, follow the steps listed in the section on securing X above.