Image by Nano Taboada via FlickrMicrosoft, Adobe: PDF security flaw treatable | Security - CNET NewsMicrosoft and Adobe Systems have announced that a recently released Microsoft toolkit can be used to block zero-day attacks targeting a security flaw in Adobe's Acrobat and Reader programs.
In an advisory published Friday, Microsoft detailed how its Enhanced Mitigation Experience Toolkit 2.0 could be used to short-circuit the threat. Adobe, which has not yet released a patch, updated its original advisory to reflect the new information.
Adobe considers the flaw to be "critical"--it could let an attacker take control of any of the millions of computers running what is far and away the most popular PDF (portable document format) viewing system.
On Thursday, security company Trend Micro said it had found malicious files in the wild related to the flaw.
In its advisory, Microsoft says the following:
"In order to enable EMET for Adobe Reader and Acrobat you have to install EMET and run the following simple command line as an Administrator. Please note the path to the Adobe Reader and Acrobat could be different in your system (especially if you are not using a 64 bit system).
C:\Program Files (x86)\EMET>emet_conf.exe --add "c:\program files (x86)\Adobe\Reader 9.0\Reader\acrord32.exe"
The changes you have made may require restarting one or more applications
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.