Security

Link: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html

There's a serious security issue in the wild today that is affecting Adobe versions 8 and 9, at least, and possibly earlier versions too.  The issue arises when an attacker sends the victim a malicious PDF file.  A what?!  "How can a PDF file be malicious?" you ask.  Well, recent versions of Acrobat support Javascript within PDF files.  "Why on earth would I want that?!" you're probably wondering.

I'm wondering too.

The solution is to disable it, and I think ALL of you should go and do that right this moment.  To disable it just open Adobe (Acrobat or Reader) then go to Edit | Preferences (or press CTRL+K) | Javascript and the very first option on the page lets you disable Adobe Javascript.  Just uncheck that box and OK your way back out.

Problem solved.

By the way, if you have BOTH Acrobat and Reader installed you'll want to change this setting in both of them.

You can find more information about this in the link above, or in this article.

UPDATE: There are active exploits for this in the wild.  A patch from Adobe is forthcoming but as of this writing not yet available.  More information from Network World here:

You can reach Ben M. Schorr at bens@rolandschorr.com or by phone at 808-782-6306.