Tag Archives: Adobe

Adobe announces Thermo

Thermo image (from Adobe) It appears quite similar, at a glance, to what Microsoft is already doing with XAML/Expression/Silverlight/etc, allowing you to develop widgets graphically and turn them into components you can wire up and code against.

Note: it’s merely been announced at this point, not released in demo/trial form (so far)…

More info here.

(Image from Adobe)

PDFs can also be bad for you

Be careful out there.

A zero-day PDF vulnerability in Adobe’s Acrobat Reader has come to light that can lead to Windows boxes getting taken over completely and invisibly, according to a security researcher.

“All it takes is to open a [maliciously rigged] PDF document or stumble across a page which embeds one,” said researcher Petko D. Petkov, aka pdp, in a blog posting on Sept. 20.

[…]

Paul Henry, vice president of technology and evangelism at Secure Computing, based in San Jose, Calif., said in an interview with eWEEK that PDF vulnerabilities have a strong advantage when it comes to users being tempted into opening them, giving this vulnerability the potential to become a “huge” attack vector. “From a social engineering standpoint, it’s easier to attach a PDF to e-mail and assume [the target will] open it. If you’ve got a request to launch a video conversation from someone you never heard of, chances are you won’t do it. Or you won’t click on a video online if you don’t know where it’s from. But from a social engineering point of view, this is deeper.”

[…]

The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user’s machine can be loaded with malware that makes it open to a takeover.

[…]

“The ability to use PDFs to install malware and steal personal information from remote PCs is here,” he said in a statement. “Readers should be cautioned to only open PDF files from senders they explicitly trust.”

(Snippets from eWeek. Image from Adobe.)