ITS LOGO January 2007

Turn off the Acrobat Reader Plugin?

Contents

Introduction

Adobe Systems Incorporated has announced an exposure associated with the browser plugin provided with the 7.0.8 and older versions of their Adobe Reader product. The degree of this exposure is dependent on the browser and even browser version. While it has been indicated that the exposure does not allow the execution of binary code, the potential for the transfer of local files to remote sites exists. Users should either upgrade to Adobe Reader 8 available at http://www.adobe.com/products/reader/ or alternatively disable the Reader 7.0.8 plugin functionality within their browser.

The instructions for disabling the Acrobat Reader plugin is as follows:

Disabling the Acrobat Plugin

In Adobe Acrobat
• Select Edit from the main menu
• Select Preferences at the bottom of the drop down
• Select Internet from the list of options on the left
• Turn off Display PDF in browser
• Select OK

adobe

See Also

Western Communications Article:

http://communications.uwo.ca/western_news/story.html?listing_id=22500

Adobe Security Advisory:

http://www.adobe.com/support/security/advisories/apsa07-01.html

Symantec Security Response Article:

http://www.symantec.com/enterprise/security_response/weblog/2007/01/when_pdfs_attack.html

©2007, The University of Western Ontario. Permission is granted to copy in whole or in part provided that due credit is given to the authors, the Division of Information Technology Services, and The University of Western Ontario.

ITS Customer Support Centre <helpdesk@uwo.ca>
January 5, 2007