In December, yet another zero-day vulnerability surfaced in Adobe Reader and Acrobat, the fourth zero-day in 2009 to affect these products.
How does it work?
Apart from rendering PDF files, the programs also support the JavaScript for Acrobat API, which allows a PDF document to execute script in response to events. A so-called use-after-free error, where an object is referenced and used after it has been deleted from memory, exists when executing the “Doc.media.newPlayer()” API method.
Should I be worried?
Yes. The vulnerability allows an attacker to take control of the user's system and run malicious programs and malware when the user opens a malicious PDF document.
How can I prevent it?
Until fixes are available to address this vulnerability [issued Jan. 12], users are highly encouraged to disable “Acrobat JavaScript” support (enabled by default) in Adobe Reader and Acrobat to prevent exploitation.
– Carsten Eiram, chief security specialist, Secunia
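
Because the flaw is reached through script embedded in the document, a defender can triage inbound PDFs for script objects, automatic triggers and references to the newPlayer method. The sketch below is an added example, not code from the original article, Secunia or Adobe; the function names and sample bytes are constructed, and the /JS, /JavaScript, /OpenAction and /AA names are taken from the PDF specification.

```python
import re
import zlib

# PDF name tokens for script and automatic actions (per the PDF specification).
SCRIPT_NAMES = {"JS", "JavaScript"}
TRIGGER_NAMES = {"OpenAction", "AA"}
API_MARKER = b"media.newPlayer"  # API method named in the advisory
NAME_RE = re.compile(rb"/([A-Za-z0-9#]+)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\n?endstream", re.DOTALL)

def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes so /J#61vaScript is read as JavaScript."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})",
                   lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")

def inflate_streams(data: bytes):
    """Yield contents of Flate-compressed streams; other filters are skipped."""
    for m in STREAM_RE.finditer(data):
        try:
            body = zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue
        yield body

def triage_pdf(data: bytes) -> dict:
    """Report script-related indicators found in raw or inflated PDF bytes."""
    bodies = [data, *inflate_streams(data)]
    names = {decode_name(n) for b in bodies for n in NAME_RE.findall(b)}
    return {
        "has_script": bool(names & SCRIPT_NAMES),
        "auto_trigger": bool(names & TRIGGER_NAMES),
        "calls_newplayer": any(API_MARKER in b for b in bodies),
    }

# Constructed samples: the stream holds only a harmless comment string.
_js = zlib.compress(b"/* constructed placeholder mentioning media.newPlayer */")
SAMPLE_SCRIPTED = (
    b"%PDF-1.4\n1 0 obj\n<< /OpenAction 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /S /J#61vaScript /JS 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n" + _js +
    b"\nendstream\nendobj\n%%EOF\n")
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    print(triage_pdf(SAMPLE_SCRIPTED))
    print(triage_pdf(SAMPLE_PLAIN))
```

A hit is a reason to quarantine the file for closer inspection, not proof of malice; a clean result does not clear a file that uses filters or encryption this sketch does not decode.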