February 26 2009 • 5:23 PM

Protect Against Acrobat JavaScript Buffer Overrun Attack

What if a PDF could compromise the security on your computer, potentially leading to a virus taking control of your system? Adobe recently announced a bug in Acrobat 9 (and earlier versions, too, it says… though it doesn’t specify which other versions). Check out this tech note about it which includes a very easy fix (turn off a checkbox in Preferences).

Note that this bug will likely be patched after March 11, 2009.

2 Responses discussing this post. Add yours below.

  1. MarcusStringer
    February 26th, 2009 • 7:05 pm • Link

    I’ve never personally had that happen, but…

    For a format (PDF) which was suppose to be a final product, which was uneditable I find it increasingly unstable. what with all the comment options and the myriad of editing software out there.

    I find it just as dangerous these day as Microsoft office files with their “Do you want to enable macros” (read Do you want to install this virus).

  2. Roland
    February 27th, 2009 • 1:01 am • Link

    “the vulnerability is not in the scripting engine and, therefore, disabling JavaScript does not eliminate all risk”

    a.k.a. this solution really is nothing more than putting a band-aid on while on the way to hospital in case you get shot.

Subscribe to the Discussion

Get the ongoing discussion surrounding "Protect Against Acrobat JavaScript Buffer Overrun Attack" delivered to you. Click here to subscribe via RSS.

Leave a Reply

You can use limited HTML tags, such as <em></em> for emphasis/italics and <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> .

InDesignSecrets reserves the right to edit and/or remove posts and comments.