{"id":1272,"date":"2009-12-15T11:14:22","date_gmt":"2009-12-15T10:14:22","guid":{"rendered":"http:\/\/blog.intego.com\/?p=1272"},"modified":"2009-12-15T11:14:22","modified_gmt":"2009-12-15T10:14:22","slug":"zero-day-adobe-acrobat-and-reader-attacks-in-the-wild","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/","title":{"rendered":"Zero-Day Adobe Acrobat and Reader Attacks In the Wild"},"content":{"rendered":"<p><img src=\"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg\"><\/p>\n<p>Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the <a href=\"http:\/\/blogs.adobe.com\/psirt\/2009\/12\/new_adobe_reader_and_acrobat_v.html\">Adobe security blog<\/a>, the company says, &#8220;This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild.&#8221; <\/p>\n<p>Adobe says little more about this vulnerability, but <a href=\"http:\/\/www.shadowserver.org\/wiki\/pmwiki.php\/Calendar\/20091214\">Shadowserver<\/a> provides more information:   <\/p>\n<blockquote><p>\nSeveral tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable.\n<\/p><\/blockquote>\n<p>As to the cause of the vulnerability, Shadowserver tells us that they &#8220;have examined multiple different copies of malicious PDFs that exploit this issue,&#8221; and that &#8220;this vulnerability is actually in a JavaScript function within Adobe Acrobat [Reader] itself.&#8221;<\/p>\n<p>For now, the safest way to deal with this is to simply deactivate Javascript. There are very few reasons to use Javascript in PDFs to begin with, and it is, as we have seen over time, one of the common vectors of attack, both to programs like Adobe Reader and to web browsers. <\/p>\n<p>In Adobe Reader or Acrobat, choose Preferences > Javascript, then uncheck Enable Acrobat Javascript. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the Adobe security blog, the company says, &#8220;This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13,11],"tags":[14,15,110,144],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zero-Day Adobe Acrobat and Reader Attacks In the Wild  - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2009-12-15T10:14:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/\",\"name\":\"Zero-Day Adobe Acrobat and Reader Attacks In the Wild - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage\"},\"datePublished\":\"2009-12-15T10:14:22+00:00\",\"dateModified\":\"2009-12-15T10:14:22+00:00\",\"description\":\"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zero-Day Adobe Acrobat and Reader Attacks In the Wild\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Zero-Day Adobe Acrobat and Reader Attacks In the Wild\",\"datePublished\":\"2009-12-15T10:14:22+00:00\",\"dateModified\":\"2009-12-15T10:14:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage\"},\"wordCount\":219,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg\",\"keywords\":[\"Acrobat\",\"Adobe\",\"Reader\",\"Vulnerability\"],\"articleSection\":[\"Security &amp; Privacy\",\"Software &amp; Apps\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/","og_locale":"en_US","og_type":"article","og_title":"Zero-Day Adobe Acrobat and Reader Attacks In the Wild  - The Mac Security Blog","og_description":"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the","og_url":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/","og_site_name":"The Mac Security Blog","article_published_time":"2009-12-15T10:14:22+00:00","og_image":[{"url":"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/","name":"Zero-Day Adobe Acrobat and Reader Attacks In the Wild - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage"},"datePublished":"2009-12-15T10:14:22+00:00","dateModified":"2009-12-15T10:14:22+00:00","description":"Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Zero-Day Adobe Acrobat and Reader Attacks In the Wild"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Zero-Day Adobe Acrobat and Reader Attacks In the Wild","datePublished":"2009-12-15T10:14:22+00:00","dateModified":"2009-12-15T10:14:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#webpage"},"wordCount":219,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/zero-day-adobe-acrobat-and-reader-attacks-in-the-wild\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/acrobat.jpg","keywords":["Acrobat","Adobe","Reader","Vulnerability"],"articleSection":["Security &amp; Privacy","Software &amp; Apps"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-kw","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/1272"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=1272"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/1272\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=1272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=1272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=1272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}