Yet Another Adobe Bug

Posted: October 9th, 2009 | Author: | Filed under: IT Related | Tags: , , , , , , | No Comments »

Nothing much but YES to agree with Didier Stevens with his statement:

PDF + JS = OMG

Yerp.. there is another vulnerability (CVE-2009-3459) in Adobe Reader and Acrobat today (GMT +8) and so far it is still 0 day..

*panic panic* What to do?

  1. Disable JavaScript support in Adobe Reader and Acrobat
  2. Enable DEP (for Windows)
  3. Use NoScript
  4. Use alternative PDF reader like Foxit, Gnome Document Viewer, yada yada..
  5. Don’t be a lame by opening unknown PDF attachment