Vulnerabilidade no Adobe Acrobat e Adobe Reader

Destaques

O CERT.PT associa-se à Secunia na sensibilização dos utilizadores Internet para a necessidade de removerem as vulnerabilidades dos seus computadores.

Secunia PSI Download do software Personal Software Inspector

Segunda, 23 Fevereiro 2009 11:02

I. Description

Adobe Security Bulletin APSB09-01 describes a memory-corruption vulnerability that affects Adobe Reader and Acrobat. Further details are available in Vulnerability Note VU#905281.

An attacker could exploit these vulnerabilities by convincing a user to load a specially crafted Adobe Portable Document Format (PDF) file. Acrobat integrates with popular web browsers, and visiting a website is usually sufficient to cause Acrobat to load PDF content.

II. Impact

An attacker may be able to execute arbitrary code.

III. Solution

Disable JavaScript in Adobe Reader and Acrobat

Disabling Javascript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript and un-check Enable Acrobat JavaScript).

Prevent Internet Explorer from automatically opening PDF documents

The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to the safer option of prompting the user by importing the following as a .REG file:

Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOTAcroExch.Document.7] "EditFlags"=hex:00,00,00,00

Disable the display of PDF documents in the web browser

Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities.

To prevent PDF documents from automatically being opened in a web browser, do the following:

1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the preferences option.
4. Choose the Internet section.
5. Un-check the "Display PDF in browser" check box.

Do not access PDF documents from untrusted sources

Do not open unfamiliar or unexpected PDF documents, particularly those hosted on web sites or delivered as email attachments. Please see Cyber Security Tip ST04-010.

IV. References

Adobe Security Bulletin apsa09-01 - http://www.adobe.com/support/security/advisories/apsa09-01.html>
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/>
Vulnerability Note VU#905281 - http://www.kb.cert.org/vuls/id/905281>

Tags: Adobe

Missão

O CERT.PT tem como missão contribuir para o esforço de cibersegurança nacional nomeadamente no tratamento e coordenação da resposta a incidentes, na produção de alertas e recomendações de segurança e na promoção de uma cultura de segurança em Portugal.

PT EN

Contactos

Av. do Brasil 101
1700-066 Lisboa
Portugal

Tel: +351 218440177 (9h30-12h30, 14h00-17h30; GMT)
Fax: +351 218472167

email:

pgp: 342A 17BA DF71 E193 6871 0357 8BDE A247 C523 AAE7

Filiação internacional

Canais

Feeds RSS

Alertas
Recomendações
Notícias

Utilizador
Senha
	Novo Utilizador