Adobe bug won’t be patched until Jan. 12
December 28, 2009 by Sam NarisiPosted in: In this week's e-newsletter, Latest News & Views, Security
A bug has been found in Adobe Acrobat and Reader, but the company says it won’t be patched for another few weeks. What should you do in the meantime?
The flaw can cause a crash and may allow an attacker to take control of the affected system. There are reports the bug is being actively exploited, Adobe said in a security advisory.
A patch won’t be released until January 12, which is when the next regular security update is scheduled.
In the meantime, Adobe says customers using Adobe Reader or Acrobat versions 9.2 or 8.1.7 can utilize the JavaScript Blacklist Framework to prevent this vulnerability.
Other users can mitigate the risk by disabling JavaScript in Acrobat and Reader. Instructions:
- Launch Acrobat or Adobe Reader.
- Select Edit>Preferences
- Select the JavaScript Category
- Uncheck the “Enable Acrobat JavaScript” option
- Click OK
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: Acrobat, Adobe, flaw, Reader, vulnerability
