[Infowarrior] - Thanks, Adobe. Protection for critical zero-day exploit not on by default

[Richard Forno]

Thanks, Adobe. Protection for critical zero-day exploit not on by default

Reader protected view: Like car airbags that work only if owners flip a switch.

by Dan Goodin - Feb 14 2013, 3:41am EST

http://arstechnica.com/security/2013/02/thanks-adobe-protection-for-critical-zero-day-exploit-not-on-by-default/

The recently discovered zero-day attacks targeting critical vulnerabilities in Adobe's ubiquitous Reader application are able to bypass recently added security defenses unless end users manually make changes to default settings, company officials said.

According to an advisory Adobe published Wednesday night, the "protected view" feature prevents the current attacks from  working—but only if it's manually enabled. To turn it on, access Preferences > Security (Enhanced) and then check the "Files from potentially unsafe locations," or even the "All files" option. Then click OK. There's also a way for administrators to enable protected view on Windows machines across their organization.

The revelation is significant because it means users aren't protected when using the default version of the widely used document reader. The limitation came to light following the discovery of in-the-wild attacks against current versions of Reader, which are being exploited to surreptitiously install malware on end-user computers. The exploit is also noteworthy because its intricate code base bypasses several additional protections added just four months ago with the goal thwarting malware attacks.

< - >


---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.