Take Your Time Adobe, It's Only a Severe Vulnerability

Adobe Systems released a security advisory on the new Adobe vulnerability affecting Acrobat Reader products and said they wouldn't be releasing an update until the second week in March. Come on Adobe, you can do better than that! Adobe Acrobat Reader 8 and 9 are believed to be affected by thenvulnerability that could allow execution of a trojan or virus. Thenexploit is being described as the, "TROJ_PIDIEF.IN" trojan.

"Adobe is planning to release updates to Adobe Reader and Acrobat tonresolve the relevant security issue. Adobe expects to make available annupdate for Adobe Reader 9 and Acrobat 9 by March 11th, 2009. Updatesnfor Adobe Reader 8 and Acrobat 8 will follow soon after, with AdobenReader 7 and Acrobat 7 updates to follow. In the meantime, Adobe is inncontact with anti-virus vendors, including McAfee and Symantec, on thisnissue in order to ensure the security of our mutual customers" the security article stated from Adobe.

Alright, they did say "by March 11th" but still, this is a highly critical exploit that needs to be addresses, IMO sooner than March 11th.

As we said yesterday, you can disable javascript in your Adobe Acrobat Reader products toneliminate the vulnerability as it uses Javascript to perform the codenexecution. To disable javascript go into Adobe Reader and click on Editn-> Preferences -> JavaScript and then uncheck the Enable AcrobatnJavascript. You should now be more safe from the vulnerability untilnAdobe releases a fix.