Adobe Zero Day - How To Protect Yourselves?
A couple of hours ago, we wrote a detailed blog post on Adobe's zero-day malware, found by FireEye and investigated by SophosLabs. The malware consisted of an exploit targeting Adobe Reader and Adobe Acrobat. The recent upgrades to the two products have been found insufficient to secure the PCs running them. The exploits remain unpatched (as of now) and users remain vulnerable.
Adobe is doing its part and has begun by issuing a formal bulletin offering its users advice on the matter:
Assess If You Are Being Attacked
If you are being attacked by the exploit, you may not realise it for a while. It is not an obvious attack, as is the case with much of the malware found today. The exploit takes over Reader, uses it to inject malware into your PC, and then reloads Reader with a clean PDF that does not look suspicious at all and does not behave in an unexpected way. The user is therefore at ease with what he sees on his PC and does not doubt it for a second.
Windows and Mac users are susceptible to such an exploit. It affects Reader and Acrobat, versions 9, X (10) and XI (11).
Windows users can defend themselves by first upgrading to version XI. Make sure that you do not opt to download the optional software (in this case, Google Chrome and Chrome toolbar) along with the update.
To protect yourself from the attack, switch Protected View on:
With dependable anti-virus software and a firewall, along with enforced Protected View, you are less prone to being affected by this malware.
For Mac Users
Mac users do not have a "Protected View" option. However, you can use the built-in Preview application as the default PDF viewer and avoid using Adobe. You can still load and use Reader, but on your own terms. By doing so, you won't be as susceptible to the attack as you would be when it's running in the background without your knowledge.
In The End
Be careful with what you receive in your emails. Do not open attachments that you receive in your emails unless they are from a trusted sender.
About the Author:
This article is written by Dr. Sindhia Javed Junejo. She is one of the core members of the RHA team.