Posts
The flaw is being actively exploited through the spread of malicious PDF files, according to Symantec. The executable is disguised as part of an email attachment. If users who have any version of Reader or Acrobat installed on their machines were to click on the attachment -- even if their PCs are fully patched -- they will be hit with the exploit.
Ben Greenbaum, senior research manager at Symantec Security Response, told SCMagazineUS.com on Tuesday that malware will be installed on the victim's computer and a secondary download also is likely to occur, which will install a trojan that attempts to steal financial data by hijacking keystrokes. Affected machines also likely will become part of a botnet.
To mitigate this vulnerability you need to disable JavaScript in Adobe Reader and Acrobat using the following instructions below:
1. Launch Acrobat or Adobe Reader. Most of you only have Adobe Reader. The office staff also has Acrobat.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the 'Enable Acrobat JavaScript' option
5. Click OK
No comments:
Post a Comment