Technology Blog, Web Design and SEO
Latest Technology Information plus SEO and Web Design News

We are a bunch of tech geeks, coders and designers. Read more ...

Search:

« Another Adobe Acrobat Reader Vulnerability

January 10, 2007
1

According to Adobe’s Security Advisory site there is another error with the Adobe Acrobat Reader program.

For those of you that do not know, when you visit a web site and click on a PDF file link to open it, this is the program that opens that PDF file right in your web browser.

The error is in the actual program itself, which lives on your computer. There is a flaw in the code that leaves you open to possible attack and it is to that fact that Adobe is alerting everyone.

Additionally, this newest error (which is different from the Acrobat error announced last week) has been give Adobe’s highest rating of “critical”. According to Adobe, this is the definition of a critical error:

A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.

They are recommending that you upgrade to the latest version of Adobe Acrobat Reader

OR (not recommended by Adobe ;) )

Switch to Brava! PDF reader. This is the one that I use for several reasons and now I have one more reason ;) .

If you are a webmaster and want to protect visitors to your website who may click-to-open PDF files that you are publishing, there are some things you can do also.

For IIS 6.0 servers:

  1. Open the Internet Information Services Manager.
  2. Locate the folder containing PDFs under your Web site.
  3. Right-click the folder and select Properties.
  4. Select the HTTP Headers tab.
  5. Click the MIME Types… button.
  6. Click the New… button to create a new MIME type.
  7. Enter pdf for the Extension and application/octect-stream for MIME type.
  8. Click ok.
  9. Click ok.
  10. Click ok to apply the changes.

For Apache 2.2.3 Servers
Use mod_mime and AddType or mod_rewrite

  1. Open httpd.conf
  2. Locate the section
  3. Insert AddType applaction/octect-stream .pdf
  4. Close and Save httpd.conf
  5. Restart the Apache Service

If you are not comfortable with the above steps, do not attempt them. Alternatively, if you are with a managed host provider, contact them and see if they have taken these steps (probably they have not ;) ).

  • Share/Bookmark
added to Web, Security by Anthony
[ Link to this post | Trackback URl | Comment feed ]
your ad here

One commentto “Another Adobe Acrobat Reader Vulnerability”

  • January 10, 2007
    Madhur Kapoor wrote

    Thanks Anthony for posting . will be giving Brava PDF reader a try now ..

Return to Top
Grab Our Tech Feed
Technology Blog Staples® Internet Security Center BlackBerry phones

Technology Categories

Tech Tags

autocad autodesk CAD digital pictures dwf viewer Facebook george clooney leatherheads movie review microsoft zune nielsen photo editing pro photo tools rene zellweger revit youtube

Archives

Tech Links

    © 2012 - Crystal Coast Technologies Tech Blog
    Attorney Web Design | Greenville NC Web Design | Charlotte NC Web Design | Web Design Blog