(imported topic written by jfschafer)
Just release Adobe Acrobat and Reader security flaw will allow code execution by tricking users with malicious PDF files. Not really patchable because it uses a default known feature in adobe and it’s expected to be a very popular exploit for malware writers and theives. (http://www.computerworld.com/s/article/9175159/Researcher_warns_of_impending_PDF_attack_wave)
Luckily there’s a work around but requires adding a registry key to the clients (same key value for every version of Acrobat or reader but the path to the value may be different depending on the version installed). I’m new to BigFix and was hoping one of you Bigfix gurus could post a custom fixlet here to help myself and I assume many others that don’t want to get hit with this adobe security flaw. Looking for a fixlet that will add this key and value if it doesn’t exist (or change the value to 0 if it does exist). If one is posted for Adobe 9 Reader, I and others could easily make ones for others versions.
Here’s what needs to be done to close the security hole while awaiting a patch:
Add the following DWORD value to:
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\Originals
Name: bAllowOpenFile
Type: REG_DWORD
Data: 0
Furthermore, an administrator can grey out the preference to keep end-users from turning this capability on, by adding the following DWORD value to: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\Originals
Name: bSecureOpenFile
Type: REG_DWORD
Data: 1