Adobe proposes workaround to avoid PDF hacks
Adobe has provided a workaround to temporarily address the issue in its Reader and Acrobat software that could allow hackers to spread malicious software through an embedded content. The issue was highlighted earlier in March 2010 when security researchers found that PDF Reader and Acrobat could trick users to run an embedded malicious program in an innocent PDF document.
The workaround was posted on a blog by Adobe’s Product Manager, Steve Gottwals and Steve suggests to alter a Registry settings on Windows or grey-out a PDF preference which would stop users from turning on or launching the embedded content. The change in settings could be done by the System administrators.
In the meantime, Adobe is evaluating the best-suited way forward to push such workarounds through the Product updates.
Read Adobe’s blog on this workaround at http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html