Category Archives: exploit

Adobe puts out workaround for Acrobat exploit

The exploit we’ve previously mentioned here only affects you if your setup matches the following:

Platform: Windows XP (Vista users are not affected) with Internet Explorer 7 installed

Affected Software Versions:

  • Adobe Reader 8.1 and earlier versions
  • Adobe Acrobat Standard, Professional and Elements 8.1 and earlier versions
  • Adobe Acrobat 3D

Adobe has finally provided a workaround, though it’s not terribly straightforward if you’re uncomfortable mucking about in the registry:

http://www.adobe.com/support/security/advisories/apsa07-04.html

They plan to eventually provide a more user-friendly solution. Until then, the exploit, while not known to be out in the wild yet, has the potential to be extremely damaging; applying Adobe’s workaround is strongly recommended while we wait for them to provide a proper, more polished patch.

PDFs can also be bad for you

Be careful out there.

A zero-day PDF vulnerability in Adobe’s Acrobat Reader has come to light that can lead to Windows boxes getting taken over completely and invisibly, according to a security researcher.

“All it takes is to open a [maliciously rigged] PDF document or stumble across a page which embeds one,” said researcher Petko D. Petkov, aka pdp, in a blog posting on Sept. 20.

[…]

Paul Henry, vice president of technology and evangelism at Secure Computing, based in San Jose, Calif., said in an interview with eWEEK that PDF vulnerabilities have a strong advantage when it comes to users being tempted into opening them, giving this vulnerability the potential to become a “huge” attack vector. “From a social engineering standpoint, it’s easier to attach a PDF to e-mail and assume [the target will] open it. If you’ve got a request to launch a video conversation from someone you never heard of, chances are you won’t do it. Or you won’t click on a video online if you don’t know where it’s from. But from a social engineering point of view, this is deeper.”

[…]

The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user’s machine can be loaded with malware that makes it open to a takeover.

[…]

“The ability to use PDFs to install malware and steal personal information from remote PCs is here,” he said in a statement. “Readers should be cautioned to only open PDF files from senders they explicitly trust.”

(Snippets from eWeek. Image from Adobe.)