Adobe issued a warning on Wednesday that Acrobat and Adobe Reader 9.2 and 8.1.7 users should disable JavaScript to avoid application crashes and the potential for hackers to take over their system.
The attack is apparently delivered via maliciously crafted PDF documents, and affects Mac OS X, Unix and Windows. Mac and Unix users, however, will only experience application crashes, according to Adobe.
To disable JavaScript in Acrobat and Adobe Reader, do this:
- Launch Acrobat or Adobe Reader.
- Choose Acrobat > Preferences or Adobe Reader > Preferences.
- Select JavaScript.
- Uncheck Enable Acrobat JavaScript.
- Click OK.
It appears that examples of PDF documents that can take advantage of the flaw are in the wild, and Adobe is considering the threat critical. The company is, however, only promising a patch by January 12.