Tuesday, October 30, 2007
Tech: Adobe PDF vulnerability
There's a big scare about Adobe's PDF vulnerability lately. Adobe released patches to it's 8.x series Acrobat software and will release a patch for the 7.x series later. If for some reason you can't get the latest patched Acrobat software you can follow these steps to manually black the exploit ( from Adobe ):
Disclaimer: This procedure involves editing the registry. Adobe doesn't provide support for editing the registry, which contains critical system and application information. Make sure to back up the registry before modifying it. For more information about the registry, refer to Windows Help.
Exit Adobe Reader or Acrobat.
Open RegEdit. On Windows, go to Start > Run, type in regedit and click OK.
Choose File > Export.
Select Local Disk C for the Save in: location.
Type backup for File Name.
Choose All for the Export Range.
Click Save.
Navigate to the appropriate registry key:
NOTE: When editing the key values for Adobe Reader and Acrobat 7.0.9, Regedit will launch a Edit Binary Value window. Be sure to edit the values below using the right panel of the window.
Acrobat:
HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe Acrobat\7.0\FeatureLockDown\cDefaultLaunchURLPerms
Reader:
HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\7.0\FeatureLockDown\cDefaultLaunchURLPerms
If tSchemePerms is set as follows:
version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-
itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:2
To Disable mailto (recommended)
Modify tSchemePerms by setting the mailto: value to 3:
version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-
itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:3|file:2
To set mailto to prompt
Modify tSchemePerms by removing the mailto: value:
version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-
itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|file:2
Close RegEdit.
Restart the application.
Alternatively, it may be sufficient to use a third party PDF reader. I'd suggest Foxit Pro; it's fast, light-weight, and free :)
Labels: Adobe Acrobat, PDF, Security
Article Link posted by Edward at 5:05 PM
1 Comments:
- said...
-
Does this only affect Windows version of Adobe Acrobat?
- 10/30/2007 08:44:00 PM