Exploited PDFs has been prevalent attack vector for awhile now but only in Windows but never been in Mac.
I had discussed this here, the prevalence, “util.printf()“, Virut generated PDFs and now the Zero day. This zero day vulnerability exist in Adobe Reader 9.0 and earlier and Acrobat 9.0 and earlier version. Unfortunately, this flaw remains unpatched as of the moment – as announce in advisory “Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009.”
Here’s few recommendation to avoid this attack:
1) Go to Application folder and look for Adobe Reader and execute it.
2) Once open, click “Adobe Reader” and “Preferences” – or use shortcut key by pressing command and comma (,)
3) In Categories, click “Internet” and look on Web Browser options and uncheck “Display PDF in browser…”
5) Do not open or access PDF documents from an untrusted source, specifically if you are not expecting it.
6) Make sure your security scanner is using the latest signature update, and ensure that features like real time scanning are turned on.
For Windows users:
1) Prevent your default browser from automatically opening PDF documents. To do this, open your Adobe Reader by clicking on Start > All Programs > Adobe Reader <x> (where ‘<x>’ is the version). Once open, click Edit > Preferences, and uncheck Display PDF in Browser.
3) Do not open or access PDF documents from an untrusted source, specifically if you are not expecting it.
4) Make sure your security scanner is using the latest signature update, and ensure that features like real time scanning are turned on.
Please feel free to drop by and comment if this has been helpful to you! Also, if you have found suspicious websites or file, don’t hesitate to send it through @ meths101 (at) optusnet (dot) com (dot) au. Definitely, this will help other users!