PATCH NOW -- Adobe PDF exploits in-the-wild

Discuss various technical topics not related to Mozilla.
Post Reply
User avatar
Harry Waldron
Moderator
Posts: 550
Joined: October 19th, 2007, 12:04 pm
Location: Roanoke, VA
Contact:

PATCH NOW -- Adobe PDF exploits in-the-wild

Post by Harry Waldron »

As PDFs are one of the standard documents exchanged by businesses, this new malicious exploit has already infected thousands of users While McAfee and other AV companies offer detections of this new PDF based malware, it's important to move to v8.1.2 (link is provided below for full version)

PATCH NOW -- Adobe PDF exploits in-the-wild
http://www.avertlabs.com/research/blog/ ... -the-wild/
http://vil.nai.com/vil/content/v_144105.htm

QUOTE: McAfee Avert Labs is tracking an active exploitation of a recently patched vulnerability in Adobe Acrobat Reader now in the wild. The current vulnerability can be embedded in a PDF file and manipulated through Adobe JavaScript. Complete mitigation requires upgrading Acrobat and Adobe Reader 7.x and 8.x to Version 8.1.2.

Adobe PDF exploit infects 'many thousands,' says researcher
http://www.computerworld.com/action/art ... Id=9061938

Adobe 8.1.2 PDF Reader site (22MB Download - uncheck Google toolbar option)
http://www.adobe.com/products/acrobat/readstep2.html

Note - Foxit and other PDF readers are excellent and lightweight alternatives ... Still many of us need to also use Adobe at work and this thread is shared to warn folks to update as soon as possible.
User avatar
patermann
Folder@Home
Posts: 454
Joined: October 20th, 2007, 1:24 pm
Location: UK

Post by patermann »

Does anyone know if Foxit Reader has similar problems? I don't think that they use any Adobe code for handling PDF files (they have their own) but that doesn't mean that malicious Javascript cannot cause problems for Foxit Reader as well.
You can try and make a system foolproof but fools can be very ingenious!
Folding for all it is worth
User avatar
BenoitRen
Posts: 5946
Joined: April 11th, 2004, 10:20 am
Location: Belgium

Post by BenoitRen »

I would just turn off the JavaScript altogether. These are just documents, what do they need JavaScript for?
User avatar
Madeline
Posts: 327
Joined: September 21st, 2006, 10:57 pm
Location: Wales, UK

Post by Madeline »

I don't think that Foxit would have the same problem as it's a different program. There's nothing about it on their site anyway. The latest version is v2.2, so it's possible that you may need to update to the new version.
As for Adobe Reader, I updated to v8.1.2 a week ago and a 22.4MB download on dial-up is no joke, believe me! I caught up on some reading while it was doing it though.
The difference between a democracy and a dictatorship is that in a democracy you vote first and take orders later; in a dictatorship you don't have to waste your time voting.
- Charles Bukowski
User avatar
Harry Waldron
Moderator
Posts: 550
Joined: October 19th, 2007, 12:04 pm
Location: Roanoke, VA
Contact:

Post by Harry Waldron »

FoxIt and other PDF readers are not affected ... It's a buffer overflow issue in Adobe itself that is being exploited.
User avatar
patermann
Folder@Home
Posts: 454
Joined: October 20th, 2007, 1:24 pm
Location: UK

Post by patermann »

Thanks for that clarification, Harry.

@BenoitRen: I agree that Javascript is not (or should not be) required for most documents. However, documents containing interactive forms (such as some tax forms available from the UK Inland Revenue) often need Javascript for validation and/or calculation of fields. As you suggest, Javascript should probably be switched off most of the time, though.

patermann
You can try and make a system foolproof but fools can be very ingenious!
Folding for all it is worth
Post Reply