• Services
• Get Help
• Accounts
• Computer Labs
• Software
• Training
• Network
• Hardware Purchases & Repair
• Information Systems Applications
• Information
• Alerts & News
• Security
• Policies & Standards
• Forms
• About Information Technology
• IT Planning
• Staff
• Organizational Chart

Hot Topics

Adobe Reader and Acrobat software have security defects not yet fixed by Adobe that criminals are using to break into computers

Adobe Reader 8.1.4 and 7.1.1 are now available to fix the security defect with earlier versions. It would be preferable to upgrade to the latest 9.x version ( currently 9.1 ) but there are some reports that version 9 has problems with Peoplesoft.

Adobe Reader 9.1 for Windows and Macintosh is now available to fix the problem described below. Fixes for Adobe Reader 7, Adobe Reader 8, and linux versions of Adobe Reader are expected later this month. Unless there is a pressing need for running version 7 or 8, it is recommened those versions be uninstalled and version 9.1 installed. Adobe has also released Adobe Acrobat 9.1 to fix the same problem with fixes for earlier versions expected later this month.

It is being reported that the popular Adobe Reader program used to display PDF documents has a security defect that is currently being exploited by criminals. At this time, the malicious activity appears to be limited though targeted. Once such defects are made public exploits usually spread rapidly. Adobe says it does not expect to have a fix available until March 11. Until that time, a malicious or compromised web site has the ability to take control of visiting computers. Clicking a link in maliciously crafted e-mail, messages, postings, and other locations may be sufficient to compromise a vulnerable computer.

It is currently believed that up to date versions of the campus provided Symantec anti-virus software will detect and block the currently known exploits of this defect.

Adobe Reader has had four security defects in the past year. Adobe Flash has had three. These defects have been used by criminals to infect computers. A simple re-configuration of Adobe Reader software reduces risk considerably. This is a recommended change.

To accomplish this:

1. Start Adobe Reader using the Windows Start button and Programs list.
2. Select Edit from the Adobe menu.
3. Go down the list and select the Preferences item.
4. On the left hand side, locate Javascript in the list and click on it to highlight it.
5. On the right-hand side, UNcheck the box that is labeled Enable Acrobat Javascript.
6. Click OK and close Adobe Reader.

As you can see, this is a simple change and easy to reverse if you experience problems displaying some PDF documents. No problems have been reported or experienced in testing.

Another way to reduce risk, albeit with a slight convenience penalty, is to reconfigure the computer so it doesn't automatically open Adobe Reader when a link to a PDF document is clicked. That way if you click a malicious link, instead of instantly opening and possibly exploiting Adobe Reader, you're asked if you want to open or save the document. This gives you an opportunity to avoid opening it if you didn't expect the document, it was reached by a link in unsolicited e-mail, or if you know there is a heightened risk of abuse due to recent incidents like now. This too, is a recommended change.

This is a multistep process. First, configure Adobe Reader:

1. Start Adobe Reader using the Windows Start button and Programs list.
2. Select Edit from the Adobe menu.
3. Go down the list and select the Preferences item.
4. On the left hand side, locate Internet in the list and click on it to highlight it.
5. On the right-hand side, UNcheck the box that is labeled Display PDF in Browser.
6. Click OK and close Adobe Reader.

Now configure your browser

For the Internet Explorer browser:

• Click no-auto-start-adobe.reg and save it to your desktop ( See the last step if you are not running your computer with an administrator account. That is, if you are using a safer user account for day to day operations )
• Double-click the downloaded file.
• When asked if you want to add the information to the registry, click yes.
• Start Internet Explorer
• Select Tools from the Internet Explorer menu.
• Go down the list and select the Manage Add-ons item.
• On the right, select Enable or Disable Add-ons
• At the top, click the drop down menu labled Show and select Add-ons that run without requiring permission
• Locate Adobe PDF reader and click it to highlight it
• At the bottom, click disable in the settings area
• Click OK and restart Internet Explorer
• Note - Should you wish to do so for some reason, you can reverse this change using the auto-start-adobe.reg file.
• If you are running your computer using a safer user account, you'll need to logout and log back in using your administrator "X account" to perform this procedure. There are ways to perform the procedure from your regular account but the procedure is too complicated to explain here. For those familiar with the Windows file system, the command can be run from the Start->Run menu as runas /user:YOURXACCOUNT "regedit \"documents and settings\YOURPROFILE\desktop\no-auto-start-adobe.reg\"" where YOURPROFILE is typically your eID

For the Firefox browser:

1. Start Firefox
2. Select Tools from the Firefox menu
3. Go down the list and select the Add-ons item
4. Locate and click on Adobe Acrobat
5. Click Disable

As with almost all such security defects and malicious attacks, operating the computer with a safer, standard user account reduces risk considerably.

• Symantec report
• ShadowServer report