| Vulnerability in Adobe Acrobat and Adobe Reader |
| Affected Operating Systems: | Windows XP/NT/2K/Me/98/95, Linux |
| Affected Applications: | Undefined |
Adobe Security Bulletin APSB09-01
describes a memory-corruption vulnerability that affects Adobe Reader
and Acrobat. Further details are available in Vulnerability Note VU#905281.
An attacker could exploit this vulnerability by convincing a user to
load a specially crafted Adobe Portable Document Format (PDF) file.
Acrobat integrates with popular web browsers, and visiting a website is
usually sufficient to cause Acrobat to load PDF content.
An attacker may be able to execute arbitrary code.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript may prevent some exploits from resulting in code
execution. Acrobat JavaScript can be disabled using the Preferences
menu (Edit -> Preferences -> JavaScript and un-check Enable Acrobat
JavaScript).
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer
to automatically open PDF files without any user interaction. This
behavior can be reverted to the safer option of prompting the user by
importing the following as a .REG file:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
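To confirm the workaround is in place on a host, the following added example (not part of the original advisory) parses the text of a registry export and reports whether EditFlags on the key above still allows opening without a prompt. It assumes the relevant bit is FTA_OpenIsSafe (0x00010000) from the Windows shell FILETYPEATTRIBUTEFLAGS enumeration; the function names and the sample exports are constructed for illustration.

```python
import re

# FTA_OpenIsSafe from the Windows shell FILETYPEATTRIBUTEFLAGS enumeration:
# when set in EditFlags, downloaded files of this class open without a prompt.
FTA_OPEN_IS_SAFE = 0x00010000
ACROBAT_KEY = r"HKEY_CLASSES_ROOT\AcroExch.Document.7"  # key named in the advisory

def parse_reg(text):
    """Parse .reg text into {lower-cased key path: {value name: raw data}}."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join backslash-continued hex lines
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"([^"]*)"=(.*)$', line)
            if m:
                current[m.group(1).lower()] = m.group(2)
    return keys

def edit_flags(raw):
    """Decode 'hex:..' (REG_BINARY) or 'dword:..' data to an integer."""
    kind, _, data = raw.partition(":")
    if kind == "dword":
        return int(data, 16)
    if kind == "hex":
        raw_bytes = bytes(int(b, 16) for b in data.split(",") if b.strip())
        return int.from_bytes(raw_bytes[:4], "little")
    raise ValueError("unexpected EditFlags type: " + kind)

def audit(reg_text, key=ACROBAT_KEY):
    """Return 'key-missing', 'value-missing', 'auto-open' or 'prompt'."""
    values = parse_reg(reg_text).get(key.lower())
    if values is None:
        return "key-missing"
    if "editflags" not in values:
        return "value-missing"
    flags = edit_flags(values["editflags"])
    return "auto-open" if flags & FTA_OPEN_IS_SAFE else "prompt"

# Constructed sample exports (not taken from a real host).
HEADER = "Windows Registry Editor Version 5.00\n\n"
BEFORE = HEADER + "[" + ACROBAT_KEY + ']\n"EditFlags"=hex:00,00,01,00\n'
AFTER = HEADER + "[" + ACROBAT_KEY + ']\n"EditFlags"=hex:00,00,00,00\n'

if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(sample))
```

Files written by `reg export` are UTF-16 encoded, so decode them to text before passing them to `audit`.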
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will
partially mitigate this vulnerability. If this workaround is applied it
may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web
browser, do the following:
1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the preferences option.
4. Choose the Internet section.
5. Un-check the "Display PDF in browser" check box.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those
hosted on web sites or delivered as email attachments. Please see Cyber
Security Tip ST04-010.
CERT.PT's mission is to contribute to the national cybersecurity effort, namely by handling and coordinating incident response, producing security alerts and recommendations, and promoting a culture of security in Portugal.
Av. do Brasil 101
1700-066 Lisboa
Portugal
Tel: +351 218440177 (9h30-12h30, 14h00-17h30; GMT)
Fax: +351 218472167
pgp: 342A 17BA DF71 E193 6871 0357 8BDE A247 C523 AAE7