The security team from HQ issued us the following security alert but
will it disable (or create issues) which prevent us from using Adobe
to read Pdf files?
Any workaround or suggestion that will satisfy the security team and
users of Adobe are most appreciated.
[ Summary ]
A vulnerability was reported in Adobe Acrobat Reader that when successfully
exploited, allows a remote attacker execute arbitrary code.
An attacker can exploit this issue to execute arbitrary code with the
privileges of the user running the affected application or crash the
application, denying service to legitimate users.
The exploit is delivered as a specially crafted PDF document that when
triggered, several executable files that are embedded inside the malicious
PDF document would be installed.
Symantec detects this attack as:
[ Affected Systems ]
Adobe Acrobat Reader 9
Other versions may also be vulnerable
[ Solution/Workaround ]
There is no patch available from the vendor yet. Please implement the
following workarounds and mitigation measures where applicable.
Remind users to be vigilant when handling email attachments (PDF
documents in particular), especially from unsolicited and untrusted
Remind user not to follow links provided by unknown or untrusted source.
Keep anti-virus signatures updated.
Run Adobe Acrobat Reader as a non-privileged user with minimal access
cause a loss in functionality and cause malicious PDFs to crash Reader.
it will protect users from exploitation.)
(Embedded image moved to file: pic25918.jpg)
[ Reference ]