Tuesday, December 15, 2009

The Adobe Attacks Keep on Coming

Hackers are actively exploiting a previously unreported vulnerability in both Adobe Acrobat and Reader to compromise vulnerable computers worldwide.

And the Adobe hits keep on coming.

The flaw, in versions 9.2 and earlier, has been assigned CVE-2009-4324. Adobe's advisory provides very little information about the weakness being exploited in the wild, and no suggestions for mitigating exposure while we await a patch.

Initial reports point to turning off JavaScript within the Adobe product itself as one method of protection, which might work for now, but as more exploits are crafted and launched, the delivery and execution mechanisms might change.
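As an added example (not from the original post or from Adobe): since the initial reports tie exploitation to JavaScript, a defender can triage inbound PDFs for script-bearing name tokens before they reach a reader. The name tokens are from the PDF specification; the function names are hypothetical and the sample documents are constructed.

```python
import re

# Name tokens for script and auto-run actions, plus compressed object streams.
WATCHED = ("JS", "JavaScript", "OpenAction", "AA", "ObjStm")

# A PDF name is "/" plus regular characters; "#xx" inside it is a hex escape.
NAME_RE = re.compile(rb"/([^\x00\t\n\f\r ()<>\[\]{}/%]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so /J#61vaScript compares equal to /JavaScript."""
    plain = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count watched names in raw PDF bytes and summarise the result."""
    counts = {name: 0 for name in WATCHED}
    for match in NAME_RE.finditer(data):
        name = decode_name(match.group(1))
        if name in counts:
            counts[name] += 1
    has_script = counts["JS"] > 0 or counts["JavaScript"] > 0
    # Names inside compressed object streams are invisible to a raw scan, so
    # "no script found" on such a file is inconclusive, not clean.
    inconclusive = counts["ObjStm"] > 0 and not has_script
    return {"counts": counts, "has_script": has_script, "inconclusive": inconclusive}


# Constructed sample documents (fragments, not complete PDFs).
SAMPLE_WITH_JS = (
    b"%PDF-1.7\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /J#61vaScript /JS (app.alert(1);) >>\nendobj\n"
)
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
SAMPLE_OBJSTM = (
    b"%PDF-1.5\n4 0 obj\n<< /Type /ObjStm /N 1 /First 4 /Length 8 >>\n"
    b"stream\nxxxxxxxx\nendstream\nendobj\n"
)

if __name__ == "__main__":
    for label, sample in (("with_js", SAMPLE_WITH_JS), ("plain", SAMPLE_PLAIN),
                          ("objstm", SAMPLE_OBJSTM)):
        print(label, triage_pdf(sample))
```

A raw-byte scan like this can also match by chance inside binary stream data, so treat a hit as a reason to quarantine and inspect, not as a verdict.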

An alternative is to move away from Adobe products, as I noted here, here, here, here, and here.

Adobe continues to struggle with the security architecture of their products, and moving to a quarterly patch release hasn't given them the infosec street cred they were hoping to achieve. If you're still using Adobe to process .pdf files, then you're walking around with your pants around your ankles half the time as the bad guys have their way with you. Meanwhile, Adobe works on yet another patch for their leaky ship.

Bite the bullet and start using alternative .pdf products. Most of them are even free, so there's no good excuse for sticking with a vendor who keeps doing you wrong.
