Critical Adobe Patch Released

Posted on March 11th, 2009 by Ryan Spanier

GSA Reference Number: AD090311-01

Replaces GSA Reference Number: AD090220-01

Simply Put: Adobe Acrobat 9 and Reader 9 and earlier versions contain a critical vulnerability that allows arbitrary code execution.  This issue is currently being exploited.  Adobe has released a patch for Acrobat 9 and Reader 9.  However, earlier versions of the product remain unpatched.  Gladiator recommends upgrading all Adobe installations to version 9.1 if possible.

Vulnerability Details: The attack occurs when a user opens a malicious PDF document in either Acrobat or Reader.  The PDF usually contains malicious JavaScript code that is then executed by the application.  This code exploits the vulnerability and may take control of the system.  However, the JavaScript code is not required to execute the exploit; it only makes the exploit more reliable.  According to some reports, users only need to see the file in Windows Explorer to be exploited, since a thumbnail preview is all that is necessary to trigger the exploit.

Countermeasures: Gladiator recommends installing the new Adobe patch on all systems with Acrobat 9 and Reader 9.  Institutions should consider upgrading all older versions to 9.1, if possible.
