
Adobe Reader Vulnerability 2/23/2009

Multiple security vendors have reported, and Adobe has acknowledged, a critical unpatched vulnerability in Adobe Reader versions 9.0 and earlier. This vulnerability causes the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited.

Adobe expects to make a patch available to resolve the relevant Adobe Reader 9.0 security issue by March 11th, 2009. In the meantime, Adobe has contacted antivirus vendors, including Symantec, and these vendors are currently including signatures in their products that attempt to remediate this vulnerability.

Short Term Workaround

To mitigate risk until the patches are released, we suggest disabling JavaScript from inside Adobe’s products. Follow the instructions below to disable JavaScript in Adobe Reader 9.0 (the Acrobat Pro 9.0 interface is quite similar).

Windows

Acrobat JavaScript can be disabled in Adobe Reader’s preferences:

  1. Go to Edit -> Preferences... -> JavaScript
  2. Un-check the Enable Acrobat JavaScript checkbox.
  3. Click the OK button.

Mac OS

Acrobat JavaScript can be disabled in Adobe Reader’s preferences:

  1. Go to Adobe Reader -> Preferences... -> JavaScript
  2. Un-check the Enable Acrobat JavaScript checkbox.
  3. Click the OK button.

For more information, please see Adobe's security bulletin on this vulnerability:

http://www.adobe.com/support/security/advisories/apsa09-01.html

Please contact SOMIS Security if you have any additional questions or concerns:

medsecurity@mail.med.upenn.edu

-----

Bob DeSilets

Information Security Analyst

desilets@mail.med.upenn.edu

(215)746-5578