Computerworld is reporting on a new problem with Adobe Acrobat and Reader software. Initially presented about ten days ago by security researcher Didier Stevens on his blog, this attack uses no underhanded tricks to perform its nefarious action. It simply uses a “feature” of Adobe’s PDF reader software that allows PDFs to contain instructions to open applications and execute code. Getting people to open the PDFs in question is one of social engineering, because they lead to a message being displayed by the software. However, the hacker creating the PDF can create the wording of this message, leading to the possibility that people will be tricked.
Well, you know about it, so go change the preferences in your Adobe PDF software. Or, just use the easy solution: Apple’s Preview instead of Adobe Acrobat or Reader.