Acrobat 0-Day Used in Targeted Attacks
You may have heard about a recently discovered 0-day vulnerability in Adobe Acrobat that has been used in targeted attacks. While this isn’t anything like a traditional phishing or malware attack, it could be considered a type of ‘spear’ phishing.
I say the amount of deal is surprising because very little information has come out about how to mitigate this attack. As a former IT security guy, this is extremely frustrating. Even in Adobe’s security advisory about the incident, they only information one is left with is to watch until March 11th for a patch. If you’re responsible for protecting users, there’s not much to do but hope your AntiVirus and other security products catch the attack.
Set this to 0×0 or 0×1 to disable or enable it respectively.
We’ve put together a simple batch file which automates this for you. Click here to down it.
Note that it has only been tested on Adobe Acrobat Reader 9.0.0 Standard US on Windows XP SP3. Use at your own risk.