Serious Adobe Security Breach
affects acrobat, cold fusion
On October 3, Adobe Systems announced a huge security breach. About 2.9 million customer records were hacked, and the source code to Adobe's Acrobat and Cold Fusion products was stolen.
BC ITS is following this breach and, as more details become available, will develop and share a plan with any required actions and recommendations.
For now, everyone in the BC community can take these steps to help minimize the risks associated with this security breach:
- Faithfully update any Adobe Acrobat you are running on any computer(s) or handheld devices. Adobe announced separately that there will be updates next Tuesday, October 8, to Acrobat. Running an old version of Acrobat without the most recent updates could open your computer up to attacks. If you do not have admin rights to update Adobe on your computer, please contact the BC Help Center at 617-552-4357, who will enter a ticket for your TC to help you.
Learn how to update Acrobat from Adobe.
- Switch and use some other PDF viewer if Adobe Acrobat is not required. Apple ships "Preview" as part of OS/X, and desktop Linux generally ships alternate PDF viewers instead of Acrobat. For Windows, stay tuned regarding possible non-Adobe PDF viewer options.
- If you have an application that uses the Cold Fusion application server, please contact firstname.lastname@example.org. Cold Fusion is an application server, rather than a program you buy separately on a server, so it may be bundled into another application that you develop, install, or administer to provide various services. If it's a component of anything you're running, please alert the Security team.
- Adobe announced it is going to contact affected customers. If you receive such a message, do not click on any links within it. Instead, type the link into your browser to assure it connects to Adobe, not a malicious site.
Adobe has indicated they will fix their programs to minimize the risk associated with the code theft; that it will be a longer-term effort, and BC ITS will share any future developments and recommendations.