UPDATE: Apologies for the previous email that contained the wrong content.
For those of you who are not already aware, CCIP would like to bring
to your attention the critical vulnerability in Adobe Reader and Adobe
Acrobat that could potentially allow an attacker to take control of the
affected system which was released on February 19:
CCIP is releasing this alert as it has been made aware of active
exploitation of this vulnerability in the wild. Adobe have stated that
they are expecting to release an update by 11 March 2009 for Adobe 9 and
updates for other versions (8 and 7) to follow soon after. Adobe has
reported that the following versions are affected:
* Adobe Reader 9 and earlier versions
* Adobe Acrobat Standard, Pro, and Pro Extended 9 and earlier versions
Shadowserver have a write up on their website:
The US-CERT write up (https://www.kb.cert.org/vuls/id/905281) has
the following mitigation advice:

Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer
to automatically open PDF files without any user interaction. This
behavior can be reverted to the safer option of prompting the user by
importing the following as a .REG file:
Windows Registry Editor Version 5.00

Disable the displaying of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser may mitigate
this vulnerability. If this workaround is applied to updated versions of
the Adobe Reader, it may mitigate future vulnerabilities. To prevent
PDF documents from automatically being opened in a web browser:
1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the preferences option.
4. Choose the Internet section.
5. Un-check the "Display PDF in browser" check box.

Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those
hosted on web sites or delivered as email attachments.
The CCIP Team
Centre for Critical Infrastructure Protection
Government Communications Security Bureau
P: +64 4 498 7654
F: +64 4 498 7655