Acrobat Reader PDF as infection vector

Wow! This is awesome! Now we can get a virus infection from Adobe Acrobat Reader PDF files. Just what I've been waiting for! Actually, there was evidence a few years back (otherwise known as Proof of Concept) about how a specially-crafted Acrobat PDF file could be a distribution vector for viruses. There has been a virus, Exploit.PDF-JS.Gen, that has JavaScript code embedded in the PDF file that executes malicious code on the user's computer. Oh, joy! Next, the anti-Obama crowd will blame this on him and his leftist regime -- [nyuk]!

There are lots of exploits that can take place at this point. It appears that the other anti-virus software companies are finding this and blocking the PDF-JS exploit. Symantec, for example, detects it as Bloodhound.Exploit.nnn.

Some recommendations for dealing with this proactively are:

Remove your browser's .pdf file handling settings completely, or at the very least set them to save to disk. (Noted from this thread here: Google Groups -- New PDF exploit discovered). This is clearly the simplest solution and the least real hassle for end users. This can be accomplished with the following steps:

  1. Open Acrobat Reader and select Edit --> Preferences.
  2. Find and click the Internet option in the left-hand options navigation frame.
  3. Uncheck the Display PDF in Browser checkbox. At this point, your browser will download the PDF file to your computer where you can scan it with your anti-virus software before opening it in your PDF file reader.

Another very useful option is to turn off JavaScript inside Acrobat Reader. This might affect how some PDF files are displayed and/or interact with users, but is a good step to take until Adobe fixes this exploit issue in a future Reader version.

  1. Same as above, open Acrobat, and get into Preferences from the Edit menu.
  2. Find the JavaScript option in the left-hand navigation menu. Uncheck the Enable Acrobat JavaScript option.
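Once PDFs are saved to disk instead of opening in the browser, they can be checked for embedded JavaScript before anyone opens them. The following Python sketch is an added example, not code from the original post or from any anti-virus vendor; the function names and the sample bytes are constructed for illustration. It counts the PDF name tokens that carry script or automatic actions, decoding `#xx` name escapes and looking inside Flate-compressed streams.

```python
import re
import sys
import zlib

# PDF name tokens for embedded script and automatic actions.
SUSPICIOUS = (b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/Launch")

_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")
_NAME = re.compile(rb"/[^\s/<>\[\]()%{}]+")
_STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.S)

# Constructed sample: one name is written with a #xx escape (/J#61vaScript).
SAMPLE = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\nendobj\n")


def _names(data):
    """Yield PDF name tokens with #xx escapes decoded (/J#53 -> /JS)."""
    for m in _NAME.finditer(data):
        yield _HEX.sub(lambda h: bytes([int(h.group(1), 16)]), m.group(0))


def _inflated_streams(data):
    """Yield the contents of streams that inflate with zlib (FlateDecode)."""
    for m in _STREAM.finditer(data):
        try:
            # decompressobj tolerates the end-of-line bytes before endstream
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue  # another filter or encrypted: not inspected here


def scan_pdf(data):
    """Return {name: count} for suspicious names found in the raw bytes
    and inside Flate-compressed streams such as object streams."""
    counts = {}
    for chunk in [data, *_inflated_streams(data)]:
        for name in _names(chunk):
            if name in SUSPICIOUS:
                key = name.decode("ascii")
                counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__" and len(sys.argv) > 1:
    with open(sys.argv[1], "rb") as fh:
        hits = scan_pdf(fh.read())
    print(hits or "no script or auto-action names found")
    sys.exit(1 if hits else 0)
```

A hit is a reason to look closer or to leave the file unopened, not a verdict, since legitimate forms also use JavaScript. Encrypted files and streams using other filters are not inspected, so an empty result does not replace the anti-virus scan.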

Another viable alternative is to not use Adobe Acrobat Reader at all and to use the free Foxit Reader 3.0 for Windows. I read the EULA (End User License Agreement) and did not find any mention that Foxit Reader can't be used by educational institutes or businesses (it is "free for both personal and non-personal usage").

  • Foxit is smaller, faster to load, and doesn't have the vulnerabilities that Acrobat has.
  • Foxit also lets you fill out PDF forms, which is an option you have to pay (and dearly) to use in Acrobat.
  • There is an awesome feature that lets you export all the text from a PDF file to a text-only file - very handy!
  • There is a non-free version that has many more features.

So, take some preventive measures and steer clear of this nasty bugger. Be safe out there!