Security Advisory: Adobe Acrobat vulnerability
February 21, 2009 | POSTED BY BRETT EDGAR IN ADVISORIES
You know it's a bad week when circumstances warrant two Security Advisory posts. There is a zero-day vulnerability
Unfortunately, there is no easy way to effect this Acrobat configuration change across all of your corporate PCs at once. It does make me wish that Adobe provided an Active Directory Group Policy plug-in to enforce certain configuration settings on a domain-wide basis.
- As the PDF is an otherwise well-formed document, there is no easy way to detect a malicious document with any signature-based network monitoring like True's NSM service. The best advice I can provide is to ensure that all anti-virus signatures are up-to-date across your enterprise, although the AV vendors are playing catch-up at this point, and I cannot find any definitive answer as to whether any of them can detect this exploit yet. Some people are saying that Symantec may possibly detect this in some form.
- I suspect that the largest number of deliveries of a malicious PDF would arrive via e-mail, and so I would also recommend that you remind your users via e-mail to avoid opening PDFs which arrive unexpectedly in e-mail, are from untrusted (non-business related) sources, and/or are named in such a way as to suggest that they are recreational and non-business in nature.
By far the quickest, easiest and likely (at this point) most effective action you can take is to notify your users via e-mail as I describe in