Nov
Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
Free Online Articles Directory
Why Submit Articles?
Top Authors
Top Articles
FAQ
AB Answers
0 && $.browser.msie ) {
var ie_version = parseInt($.browser.version);
if(ie_version Hello Guest
Login
Register
Hello
My Home
Sign Out
Email
Password
Remember me?
Lost Password?
Home Page > Computers > Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
Posted: May 23, 2009 |Comments: 0
| Views: 254
|
]]>
Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
By: Carl Berkeley
About the Author
MacUsersGuide offers the latest news, reviews, how-tos and expert opinions on everything Mac users need to know. Find news and Macintosh Support at http://www.macusersguide.com.
(ArticlesBase SC #932401)
Article Source: http://www.articlesbase.com/ – Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
You could be getting more than you bargained for when you download a PDF or receive one as an email attachment. PDFs can run scripts upon opening them and could potentially compromise your system.
Adobe Systems Inc. confirmed the existence of two new vulnerabilities in their Adobe Acrobat Reader application. The news was announced May 4 by Trustwave and other security agencies which stated that Adobe expects to release patches by May 12, 2009. The vulnerabilities involve JavaScript functions that ‘getAnnots ()’ (CVE-2009-1492) and spell.customDictionaryOpen (CVE-2009-1493). According to Secunia.com the ‘getAnnots ()’ function is a JavaScript API in Acrobat Reader and Acrobat that allows remote assault to cause a denial of service through memory corruption or execute an arbitrary code via a PDF that contains that annotation. This is conducted through an OpenAction entry using JavaScript code that issues a series of crafted integer arguments or calls.
The customDictionaryOpen spell method is also a JavaScript API that affects Adobe Reader 8.x – 9.1 running primarily on Linux System. It allows remote hackers to deny services through a memory corruption and, similar to the ‘getAnnots’, may be executed through an arbitrary code via a PDF. Mac users don’t have to be too concerned about the customDictionaryOpen function as this is mainly something that will come up using Linux. The most troubling out of the two is the ‘getAnnots ()’.
These vulnerabilities cause a Macintosh-based Acrobat Reader versions 9.x – 8.x and Acrobat 9.x – 8.x to crash and have the potential to allow a hacker to attack and take control of a vulnerable system. Simply disabling JavaScript will not resolve anything; it only disables the vulnerable JavaScript component but does not reduce system compromise. The United States Computer Emergency Readiness Team (US-CERT) has recommended the following precautions for those that have or yet to encounter these PDFs.
Do not open unsolicited PDF files from distrusted or suspicious sources; switch your default PDF handler to Preview for the time being; and disable Adobe Reader JavaScript Preferences to prevent hackers from exploiting system vulnerabilities. To do this:
(1) Launch Adobe Acrobat Reader
(2) Select Edit from the Menu Bar
(3) Select Preferences
(4) Select the Internet Tab
(5) Uncheck the “Display PDF in Browser”
In addition, prevent your default browser (Internet Explorer, Firefox, Safari, etc.) from automatically opening PDF documents. The installer that loads Adobe Reader and Acrobat configures any one of your browsers to open a PDF file without any user interaction. To disable the browser from displaying of PDF documents:
(1) Launch Adobe Acrobat Reader
(2) From the main Menu select Edit
(3) Select Preferences, Click on the Internet tab
(4) Uncheck “Display PDF in browser” checkbox.
Avoiding opening PDF documents in a web browser reduces the possibility of attack. The following workaround applied to the updated version of Adobe Reader should protect against future vulnerabilities.
If you have a PC, additional preventative measures are listed at the US-CERT site that further reduce your chances of attack. Currently Adobe recognizes this as a critical issue and recommends that you follow the above listed steps and exercise common sense when opening PDF files. Please visit the Adobe Product Security Incident Response Team blog for further updates on this issue.
Retrieved from “http://www.articlesbase.com/computers-articles/annotations-have-the-last-word-adobe-reader-pdf-makes-mac-os-vulnerable-932401.html”
(ArticlesBase SC #932401)
Carl Berkeley –
About the Author:
MacUsersGuide offers the latest news, reviews, how-tos and expert opinions on everything Mac users need to know. Find news and Macintosh Support at http://www.macusersguide.com.
]]>
Rate this Article
vote(s)
0 vote(s)
Feedback
RSS
Print
Email
Re-Publish
Article Tags:
annotations have the last word adobe reader pdf makes mac os vulnerable
Latest Computers Articles
More from Carl Berkeley
How to Download and Install Adobe Acrobat Reader
Learn how to Download and Install Adobe Acrobat (“PDF”) Reader in Windows. (03:28)
PDF, (Portable Document Format) files are found all over the Internet. They are used by individuals and businesses alike. The PDF format was created by Adobe, but do you have to have Adobe Acrobat Reader on your computer in order to view PDF files? The short answer is no. Michael “Doctor File Finder” Callahan explains. (01:11)
How to Save your Adobe PDF Settings
Learn how to save your Adobe PDF settings. (03:05)
How to Set the Policy on the Adobe PDF Settings
Learn how to set the policy on the Adobe PDF settings. (02:19)
How to Convert to Adobe PDF from the Contextual Menu
Learn how to convert from the contextual menu to Adobe PDF. (02:05)
Your ads will be inserted here by
Easy Plugin for AdSense.
Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.
What’s So Magic About a Transistor?
You probably know that a computer performs calculations based on strings of instructions composed of ‘on’ or ‘off’ switches, but did you know that a computer can be constructed out of nearly anything, including coconut shells or microorganisms?
By:
Rand Whitehalll
Computersl
Nov 09, 2010
Affiliate Elite Review-Affiliate Elite Scam
Brand new affiliate marketing software allows you to work smarter, NOT harder and easily increase the sales that your business generates, or your money back!
By:
Greg Correll
Computersl
Nov 09, 2010
3D Covers Usb Loader Gx 3D Covers Usb Loader Gx
By:
Biylings Farwortl
Computersl
Nov 09, 2010
The Digital Revolution: More Profound than the Industrial Revolution?
There is no denying that we are well into the beginning of the computer age–a digital revolution. Just what exactly that means we don’t know yet and furthermore, this revolution has the potential for changing our lives in far more radical and multifarious ways than the industrial revolution ever did.
By:
Rand Whitehalll
Computersl
Nov 09, 2010
Affiliate Bizonline Review-Affiliate Bizonline Scam
Would you like to be able to press a button and let your computer do something like that for you?
By:
Greg Correll
Computersl
Nov 09, 2010
AffExpert Review-AffExpert Scam
Nah , that’s just the beginning. We showed you on the video above just 4 of our tools in action.
By:
Greg Correll
Computersl
Nov 09, 2010
How To get A Good Iphone Themes Download
If you are looking for a good iphone themes download, then you are very fortunate because there are a lot of sites all over the internet that you can use. With the help of these kinds of applications, you will be able to provide your Apple gadget some unique personality.
By:
Ian Donovanl
Computersl
Nov 09, 2010
Cyborgs and Androids: What is the Difference?
By now one would think that the difference between cyborgs and androids should be pretty clear, but that still doesn’t seem to be the case. If you think that the Terminator was a cyborg, you would be mistaken. He belongs to a special class of robots known as androids. But the Borg in Star Trek’s Next Generation are Cyborgs, and I’ll tell you why.
By:
Rand Whitehalll
Computersl
Nov 09, 2010
Annotations Have the Last Word: Adobe Reader PDF Makes Mac OS Vulnerable
You could be getting more than you bargained for when you download a PDF or receive one as an email attachment. PDFs can run scripts upon opening them and could potentially compromise your system. Adobe Systems Inc. confirmed the existence of two new vulnerabilities in their Adobe Acrobat Reader application. The…
By:
Carl Berkeleyl
Computersl
May 23, 2009
lViews: 254
Green Apple: Are The New Macs Really Better For The Environment?
Apple is now advertising their Mac mini as one of the first truly green computers. But what does this really mean, and how green is Apple. . .really? Don’t get Mac users started. There are a million reasons why a Mac is better than a PC, and if you’re…
By:
Carl Berkeleyl
Computersl
May 10, 2009
lViews: 142
ITunes Plus: Is the Upgrade Worth It?
Apple launched iTunes plus over a year ago, offering higher quality DRM-Free tracks through their iTunes store. For those of you who aren’t familiar with iTunes Plus, you’re probably asking what this means and perhaps even wondering how it will affect your iTunes music library. Well, the basics are pretty…
By:
Carl Berkeleyl
Computersl
Apr 30, 2009
lViews: 947
IPhone OS 3.0 : Exactly How Advanced is “Advanced”?
Don’t mess with a good thing. And the iPhone is definitely a good thing. Most iPhone users will tell you they couldn’t imagine living without it, but how much better can it get? How could Apple possibly cram another 100 features into the already unbelievable software included in iPhone SDK…
By:
Carl Berkeleyl
Computersl
Apr 27, 2009
Add new Comment
Your Name: *
Your Email:
Comment Body: *
Verification code:*
* Required fields
Submit
Your Articles Here
It’s Free and easy
Sign Up Today
Author Navigation
My Home
Publish Article
View/Edit Articles
View/Edit Q&A
Edit your Account
Manage Authors
Statistics Page
Personal RSS Builder
My Home
Edit your Account
Update Profile
View/Edit Q&A
Publish Article
Author Box
Carl Berkeley has 4 articles online
Articles Categories
All Categories
Advertising
Arts & Entertainment
Automotive
Beauty
Business
Careers
Computers
Education
Finance
Food and Beverage
Health
Hobbies
Home and Family
Home Improvement
Internet
Judaism
Law
Marketing
News and Society
Relationships
Self Improvement
Shopping
Spirituality
Sports and Fitness
Technology
Travel
Writing
Computer Forensics
Computer Games
Data Recovery
Databases
E-Learning
File Types
Hardware
Information Technology
Intra-net
Laptops
Networks
Operating Systems
Programming
Security
Software
]]>
Need Help?
Contact Us
FAQ
Submit Articles
Editorial Guidelines
Blog
Site Links
Recent Articles
Top Authors
Top Articles
Find Articles
Site Map
Webmasters
RSS Builder
RSS
Link to Us
Business Info
Advertising
Use of this web site constitutes acceptance of the Terms Of Use and Privacy Policy | User published content is licensed under a Creative Commons License.
Copyright © 2005-2010 Free Articles by ArticlesBase.com, All rights reserved.
MacUsersGuide offers the latest news, reviews, how-tos and expert opinions on everything Mac users need to know. Find news and Macintosh Support at http://www.macusersguide.com.