Aside from patch updates, is there any way to mitigate the risks with adobe reader exploits? Frankly, I don’t know how most reader exploits work. However, is there any functionality that I can disable in reader that will make it more safe from most exploits?
Answer
Unfortunately, Adobe Reader has had numerous serious security vulnerabilites in the past years, and although Adobe has focused slightly more on security lately (establishing their
Product Security Incident Response Team (PSIRT)), it is wise to assume that new vulnerabilities will be found and exploited.
The most important things you can do is:
-
Read the Reader Security Guide, available from https://www.adobe.com/devnet/acrobat/security.html
-
In particular, disable Javascript if possible by setting bEnableJS under HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\JSPrefs to 0. Many of the recent exploits have utilized the Javascript support.
-
Keep an eye on the PSIRT blog and the ISC Storm Center for new vulnerabilities.
-
Establish an ongoing patch regime ensuring rapid deployment of new versions, and actively eradicate old versions.
-
The Adobe PSIRT publicly announced a serious flaw on December 14th 2009, but a patch was not available until mid-January 2010. For time intervals like this, you should have a plan for mitigating security controls, for example blocking PDFs on mail gateways and web proxies.
-
Consider the use of alternative PDF readers (Mac OS X has builtin support, Foxit Reader and others may be an alternative on the Windows platform)
Attribution
Source : Link , Question Author : Brett G , Answer Author : oddbjorn
