jebsblog

Adobe Acrobat logo

UPDATE: New versions of Acrobat Reader 9 and Professional 9 are now available for download. Updates and patches to older versions are supposed to be available tomorrow, March 18th. Also note that I patched what I could and then today received what I thought to be a very suspicious e-mail with a PDF attachment. Read about it on my other blog

I learned this on Twitter a few days ago and am frankly surprised it has not become more widely knows. Basically, there has been a security problem found in the Adobe Acrobat Reader and Adobe Acrobat Professional which allows certain malware to attack your computer. Initially it was reported that by simply disenabling the JavaScript switch in Reader (and Professional) the problem went away. As an interesting aside, I did this and the very first PDF I downloaded and read an hour later came from Adobe and it required the JS switch be turned back on.

Anyway, in this latest report from ZD Net, it appears that that advice does not mitigate the problem and that Adobe is no closer to a solution than it was a few days ago.

So, the only general advice we can give sportsfans is to avoid opening Adobe Acrobat files until the security issue is resolved. As is stated in the ZD Net article: “All users of Adobe Reader/Acrobat should therefore show extreme caution when deciding which PDF files to open regardless of whether they have disabled JavaScript support or not.”

Here is a link to the ZD Net article with details

Update:  Here is more information from Adobe – but the general consensus is to make sure you have you Anti-Virus programs running and up-to-date.

http://blogs.adobe.com/psirt/2009/02/adobe_reader_and_acrobat_issue_1.html

http://www.adobe.com/support/security/advisories/apsa09-01.html

~jeb