Microsoft and Adobe Systems have announced that a recently released Microsoft toolkit can be used to block zero-day attacks targeting a security flaw in Adobe's Acrobat and Reader programs.
In an advisory published Friday, Microsoft detailed how its Enhanced Mitigation Experience Toolkit 2.0 could be used to short-circuit the threat. Adobe, which has not yet released a patch, updated its original advisory to reflect the new information.
Adobe considers the flaw to be "critical"--it could let an attackerrunning what is far and away the most popular PDF (portable document format) viewing system.
On Thursday, security company Trend Micro said it had foundrelated to the flaw.
In its advisory, Microsoft says the following:
"In order to enable EMET for Adobe Reader and Acrobat you have to install EMET and run the following simple command line as an Administrator. Please note the path to the Adobe Reader and Acrobat could be different in your system (especially if you are not using a 64 bit system).
C:\Program Files (x86)\EMET>emet_conf.exe --add "c:\program files (x86)\Adobe\Reader 9.0\Reader\acrord32.exe"
The changes you have made may require restarting one or more applications
We have been working closely with the Adobe Secure Software Engineering Team (ASSET) on recommending EMET as a mitigation option. Due to the time-sensitive nature of this issue, we have only been able to perform a cursory look at the functional compatibility of this mitigation. Keep in mind, Adobe Reader and Acrobat support broad feature sets, which require extensive testing to fully cover all functionality. Therefore, we recommend that you also test the mitigation in your environment to minimize any impact on your workflows."