Thursday, 23 July 2009

Adobe Acrobat – Flash / PDF security issue

Heise Security report a critical security vulnerability relating to Adobe Flash Player, Adobe Reader and Acrobat 9.x for all platforms (Windows, Mac, Linux).

Your computer could be infected by a PDF trojan (Trojan.Pidief.G) and taken over by malicious hackers if you open an affected PDF document or visit an affected website whether via Internet Explorer or Firefox. (Flash is used for lots of things on the Web like displaying YouTube and other videos.)

The exploit hasn’t hit many people so far, but you don’t want to be one of them!

Until Adobe release an update to fix this (hopefully by the end of July), to protect yourself:

  • Don’t use Acrobat / Reader! There are other free PDF readers around like Foxit (though even they get security holes from time to time; but they’re less of a target)
  • Use Firefox / NoScript when browsing. Then Flash content will be blocked until you click to let it through. Needless to say, click at your own risk! And you still have to beware when opening downloaded PDF files.
  • Delete or rename the authplay.dll file, which in Windows is usually located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll (I didn’t have it at all on my computer, oddly). This deletion may make some PDF files crash, but probably not many.
    • Note: you may need to get your computer to show hidden files first. In My Computer / Windows Explorer that’s Tools > Folder Options > View tab > Hidden Files and Folders – select Show hidden files and folders.
  • Disable Flash in your Reader, Heise has suggested (which is what I did, as I couldn’t find the authplay.dll on my Vista system). That’s done via Edit, Preferences, then Multimedia Trust; find the line Permission for Adobe Flash Player and select it, then choose Never from the Change permissions dropdown, and OK it. Here’s a screenshot for those who prefer visuals:

No comments: