RootsWeb.com Mailing Lists
Home

Results for list 'maringensoc'

Total: 1/1
    1. [MarinGenSoc] Adobe Acrobat and Reader Vulnerability
    2. Gene Pennington

    3. Since so many of us at MCGS use Adobe Acrobat or Adobe Reader, you should read this security bulletin from the National Cyber Alert System (http://www.us-cert.gov/). Gene Pennington MCGS Webmaster, CIG & TMG User Group http://www.maringensoc.org MCGS Blog: http://maringensoc.blogspot.com/ =========================================================================== National Cyber Alert System Cyber Security Alert SA09-051A Adobe Acrobat and Reader Vulnerability Original release date: February 20, 2009 Last revised: -- Source: US-CERT Systems Affected Adobe Reader version 9 and earlier Adobe Acrobat (Professional, 3D, and Standard) version 9 and earlier Overview Vulnerabilities in Adobe Reader and Acrobat may allow an attacker to take control of your computer. Adobe has released Security Bulletin APSB09-01, which describes this issue. Solution Disable JavaScript in Adobe Reader and Acrobat Disabling Javascript may prevent exploitation of this vulnerability. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript and un-check Enable Acrobat JavaScript). Disable the display of PDF documents in the web browser Preventing PDF documents from opening inside a web browser will help mitigate this vulnerability. To prevent PDF documents from automatically being opened in a web browser, do the following: 1. Open Adobe Acrobat Reader. 2. Open the Edit menu. 3. Choose the preferences option. 4. Choose the Internet section. 5. Un-check the "Display PDF in browser" check box. Do not access PDF documents from untrusted sources Do not open unfamiliar or unexpected PDF documents, particularly those hosted on web sites or delivered as email attachments. Please see Cyber Security Tip ST04-010. Description In Security Bulletin APSB09-01, Adobe describes an issue that affects some versions of Adobe Reader and Acrobat. By convincing a user to visit a web site and opening a malicious PDF file in the user's browser, an attacker could execute code or cause a computer to crash. Note that web browsers may be configured to open PDF files automatically. More technical information is available in US-CERT Technical Cyber Security Alert TA09-051A. References Adobe Security Bulletin apsa09-01 - <http://www.adobe.com/support/security/advisories/apsa09- 01.html> Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> Vulnerability Note VU#905281 - <http://www.kb.cert.org/vuls/id/905281>

    02/20/2009 07:17:13