Acrobat vulnerability may affect Mac users

As if the baked-in security issues weren't enough to deal with, Adobe has announced today that all versions since v7 of Acrobat and Acrobat Reader on all platforms -- including Mac OS X -- are vulnerable to an Javascript exploit that can crash Acrobat. [Correction, per The Register and Shadowserver the vulnerability is not in Javascript per se but the circulating exploits use Javascript to leverage the actual flaw. Thanks to Adam Engst for the heads-up.] The same approach could possibly give an attacker unrestricted access to the target system. More from Download Squad on the scope of the problem; Adobe and others are reporting that there are already exploits in the wild for this problem.

Mac users have, of course, a very solid option for handling PDF files other than Acrobat: Preview, installed on every Mac OS X machine. You can also turn off Javascript support in the Acrobat preferences to lock out exploits from proceeding beyond crashing the app to actually doing widespread damage.

To change the default handler for PDF files, select any PDF file in the Finder and then select Get Info from the File menu. Under the Open With section, select Preview.app and then click Change All.
Share