Robert Hensing's Blog

Software Security . . . and stuff.

It begins . . . (PDF spam run)

It begins . . . (PDF spam run)

  • Comments 3
  • Likes

F-Secure is reporting that a PDF spam run has started that exploits the Adobe URI handler vulnerability (that is really sort of our vulnerability - where Acrobat is simply the current attack vector).

Couple things:

  1. The Adobe Acrobat update has been released as of October 22nd so make sure you update Acrobat ASAP.
  2. If you can't update Acrobat - you can enable the workaround they list in their bulletin that I link to above.

I want to give props to Adobe for having the foresight to include the ability to selectively disable features and functionality of the product like that! 

Comments
  • The Microsoft Security Response Center (MSRC) : MSRC Blog: October 25th Update To Security Advisory 943521

  • If you haven't update your Adobe Reader to v8.1.1, you better to do it NOW. The vulnerability is

  • The Microsoft Security Response Center (MSRC) : MSRC Blog: October 25th Update To Security Advisory 943521

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment