1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Adobe Warns: New Exploit Poisons Pdfs - Dangerous

Discussion in 'News & Current Events' started by allheart55 (Cindy E), Sep 13, 2010.

  1. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,617
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    Security researchers have discovered a new PDF (portable document format) exploit in Adobe Reader
    and Acrobat they think could allow a hacker to remotely take over a system. In fact, the threat is so
    serious at least one expert has called the vulnerability scary.

    Adobe has acknowledged the flaw exists and could soon be exploited. In a statement, the company noted
    that the hole could be used to "cause a crash and potentially allow an attacker to take control of the
    affected system." (Source: adobe.com )

    Hackers Trick Users Into Opening Infected PDF
    Mac, Unix and Windows users are all affected by a bug that has targeted Adobe Reader 9.3.4 and Adobe
    Acrobat 9.3.4. It's suspected that most earlier versions of these two programs are also vulnerable.

    While Adobe did admit the problem existed, the company stopped short of providing details about the exploit.

    Instead, a much better description is coming from security company Secunia, which recently noted that the
    issue is related to a boundary error within the font parsing in CoolType.dll and can be exploited to cause a
    stack-based buffer overflow by... tricking a user into opening a specially crafted PDF file.
    (Source: eweek.com )

    Most troubling: not even security experts know of a way to help users affected by the flaw. Unfortunately,
    there are no mitigations we can offer," Secunia told tech blog, eWEEK. (Source: computerworld.com )

    Users Advised to be Vigilant with Emails and Files
    The best advice available right now: don't open emails or files sent by strangers, and always keep your
    anti-virus software and operating system up to date.

    "Adobe is actively sharing information about this vulnerability (and vulnerabilities in general) with partners
    in the security community to enable them to quickly develop detection and quarantine methods to protect
    users until a patch is available," said a Secunia representative. (Source: zdnet.com )

    Adobe hasn't yet announced when a patch targeting this issue will become available.
    [font="Comic Sans MS"]Full Article [/font]
     
    allheart55 (Cindy E), Sep 13, 2010
    #1

Share This Page