MozillaZine


PATCH NOW -- Adobe PDF exploits in-the-wild

Discuss various technical topics not related to Mozilla.
Post a reply
Harry Waldron
Moderator

User avatar
 
Posts: 550
Joined: October 19th, 2007, 12:04 pm
Location: Roanoke, VA

Post Posted February 12th, 2008, 12:43 pm

As PDFs are one of the standard documents exchanged by businesses, this new malicious exploit has already infected thousands of users While McAfee and other AV companies offer detections of this new PDF based malware, it's important to move to v8.1.2 (link is provided below for full version)

PATCH NOW -- Adobe PDF exploits in-the-wild
http://www.avertlabs.com/research/blog/ ... -the-wild/
http://vil.nai.com/vil/content/v_144105.htm

QUOTE: McAfee Avert Labs is tracking an active exploitation of a recently patched vulnerability in Adobe Acrobat Reader now in the wild. The current vulnerability can be embedded in a PDF file and manipulated through Adobe JavaScript. Complete mitigation requires upgrading Acrobat and Adobe Reader 7.x and 8.x to Version 8.1.2.

Adobe PDF exploit infects 'many thousands,' says researcher
http://www.computerworld.com/action/art ... Id=9061938

Adobe 8.1.2 PDF Reader site (22MB Download - uncheck Google toolbar option)
http://www.adobe.com/products/acrobat/readstep2.html

Note - Foxit and other PDF readers are excellent and lightweight alternatives ... Still many of us need to also use Adobe at work and this thread is shared to warn folks to update as soon as possible.
patermann
Folder@Home

User avatar
 
Posts: 454
Joined: October 20th, 2007, 1:24 pm
Location: UK

Post Posted February 12th, 2008, 2:54 pm

Does anyone know if Foxit Reader has similar problems? I don't think that they use any Adobe code for handling PDF files (they have their own) but that doesn't mean that malicious Javascript cannot cause problems for Foxit Reader as well.
You can try and make a system foolproof but fools can be very ingenious!
Folding for all it is worth
BenoitRen

User avatar
 
Posts: 5926
Joined: April 11th, 2004, 10:20 am
Location: Belgium

Post Posted February 12th, 2008, 3:59 pm

I would just turn off the JavaScript altogether. These are just documents, what do they need JavaScript for?
Madeline

User avatar
 
Posts: 327
Joined: September 21st, 2006, 10:57 pm
Location: Wales, UK

Post Posted February 12th, 2008, 11:31 pm

I don't think that Foxit would have the same problem as it's a different program. There's nothing about it on their site anyway. The latest version is v2.2, so it's possible that you may need to update to the new version.
As for Adobe Reader, I updated to v8.1.2 a week ago and a 22.4MB download on dial-up is no joke, believe me! I caught up on some reading while it was doing it though.
The difference between a democracy and a dictatorship is that in a democracy you vote first and take orders later; in a dictatorship you don't have to waste your time voting.
- Charles Bukowski
Harry Waldron
Moderator

User avatar
 
Posts: 550
Joined: October 19th, 2007, 12:04 pm
Location: Roanoke, VA

Post Posted February 13th, 2008, 8:27 am

FoxIt and other PDF readers are not affected ... It's a buffer overflow issue in Adobe itself that is being exploited.
patermann
Folder@Home

User avatar
 
Posts: 454
Joined: October 20th, 2007, 1:24 pm
Location: UK

Post Posted February 14th, 2008, 8:05 am

Thanks for that clarification, Harry.

@BenoitRen: I agree that Javascript is not (or should not be) required for most documents. However, documents containing interactive forms (such as some tax forms available from the UK Inland Revenue) often need Javascript for validation and/or calculation of fields. As you suggest, Javascript should probably be switched off most of the time, though.

patermann
You can try and make a system foolproof but fools can be very ingenious!
Folding for all it is worth

Return to MozillaZine Tech

Post a reply

Who is online

Users browsing this forum: No registered users and 0 guests