Security Bulletins

Adobe Acrobat & Reader Mailto Vulnerability Exploited

Background

A vulnerability in the mailto handling of Adobe Acrobat and Adobe Reader for Windows allows remote attackers to execute arbitrary code via a specially crafted PDF file.

Impact

Due to the wide-spread use of PDFs, the possibility exists for numerous systems to be exploited and for existing threats such as Storm Worm to exploit this vulnerability in the near future.

Platforms Affected

Users running Windows XP with Internet Explorer 7 installed. (Vista is not affected)

  • Adobe Reader 8.1 and earlier,
  • Adobe Reader 7.0.9 and earlier
  • Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions
  • Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier

Local Observations

The Information Technology Security Office (UISO) has not seen active exploitation of this vulnerability on any university systems, but is aware that the vulnerability is currently being exploited on the Internet at large.

UISO Recommendations

Apply updates from Adobe.

Sign up for e-mail notification of Adobe advisories.

Workarounds

1. Uninstall affected