Carsten Eiram, chief security specialist, Secunia
February 01, 2010
Threat of the month

THREAT OF THE MONTH

What is it?
In December, yet another zero-day vulnerability surfaced in Adobe Reader and Acrobat and was the fourth zero-day in 2009 to affect these products.

How does it work?
Apart from rendering PDF files, the programs also support the JavaScript for Acrobat API, which allows a PDF document to execute script in response to events. A so-called use-after-free error, where an object is referenced and used after having been deleted in memory, exists when executing the “Doc.media.newPlayer()” API method.

Should I be worried?
Yes. This allows an attacker to take control of the user's system and run malicious programs and malware when the user opens a malicious PDF document.

How can I prevent it?
Until fixes are available to address this vulnerability [issued Jan. 12], users are highly encouraged to disable “Acrobat JavaScript” support (enabled by default) in Adobe Reader and Acrobat to prevent exploitation.

– Carsten Eiram, chief security specialist, Secunia
From the February 2010 Issue of SCMagazine »
Similar Articles
close

Next Article in Opinions

More in Opinions

Follow me on this, your security team includes non-security people

Follow me on this, your security team includes ...

A successful security professional will tap into an organization's entire employee base to get results. And the benefits will go both ways.

Me and my job: Marty Edwards, ICS-CERT

Me and my job: Marty Edwards, ICS-CERT

Marty Edwards' job is to coordinate efforts between the government and the private sector.

Debate: Is advanced malware no longer a problem when administrator rights are ...

In this month's debate, experts discuss if advanced malware is still a persistent challenge after administrator rights are removed.