Alert
[UPDATE NOW] Adobe Acrobat/Reader 0day
Posted: 2009-03-11 10:26:00
Summary: Adobe Acrobat and Adobe Acrobat Reader contain a flaw that allows remote code execution.
Affected Systems:
Adobe Acrobat and Adobe Acrobat Reader version 9 and earlier for Windows. At this point we do not believe Foxit Reader to be affected by this issue.
Please note:
Secunia has confirmed that JavaScript is NOT necessary for this exploit to be successful. To put it another way, DISABLING JAVASCRIPT MAY NOT PREVENT EXPLOITATION.
Description:
A bug in the Adobe Acrobat/Reader software allows a maliciously crafted PDF file to overwrite memory at an arbitrary location using the "heap spray" method via JavaScript.
Solution:

UPDATE: Updates are now available for Adobe Reader 9 and Acrobat 9 that address the vulnerabilities listed in this Adobe Security Advisory. Adobe Reader 7 & 8 and Adobe Acrobat 7 & 8 updates will be available by March 18th. Additionally, Adobe Reader 9.1 for UNIX will be available by March 25. Adobe Reader can be downloaded at http://get.adobe.com/reader/.

Please note: Foxit Reader should also be updated. Shortly after the release of the Acrobat 0day, vulnerabilities in Foxit Reader were also discovered. Users of Foxit Reader should update to version 3.0 immediately. Foxit Reader can be downloaded at http://www.foxitsoftware.com/downloads/

Adobe has reported that it will release a patch on March 11, 2009. In the meantime, you may wish to consider alternate PDF creation and reading software. If you or your users must continue to use Adobe Acrobat/Reader, please alert them to this issue and advise them to be extremely careful about opening PDFs that they did not create themselves.
Alternate PDF creators:
References:
http://www.adobe.com/support/security/advisories/apsa09-01.html
Source:
http://secunia.com/blog/44/
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219
http://blogs.adobe.com/psirt/2009/02/adobe_reader_and_acrobat_issue.html