Adobe Reader and targeted malware attacks

**DRC**SIPPENHAFT · **Posted:** Wed Mar 10, 2010 3:32 pm

http://blogs.zdnet.com/security/?p=5648&tag=nl.e550

If you’re still tardy in applying security patches for the ever-present Adobe Reader software, the chart below from F-Secure should jolt you into action.

**DRC**SIPPENHAFT · **Posted:** Mon Apr 05, 2010 3:33 pm

Security response teams at Adobe and FoxIt are investigating ways to mitigate a new PDF hack that allows the execution of an embedded executable without exploiting any security vulnerabilities.

A demo of the PDF hack has been published to show how a hacker could employ social engineering techniques to launch code execution attacks if a user simply opens a rigged PDF file.

http://blogs.zdnet.com/security/?p=5985&tag=nl.e550

**DRC**SIPPENHAFT · **Posted:** Wed Apr 07, 2010 6:35 pm

http://blogs.zdnet.com/security/?p=6028&tag=nl.e550

On the heels of a warning that malicious executables can be embedded into PDF files and launched with minimal user interaction, Adobe is suggesting that users configure its PDF Reader product to limit the damage from an attack.
Here are the instructions for mitigating a potential attack:

Users can also turn off this functionality in the Adobe Reader and Adobe Acrobat Preferences by selecting > Edit > Preferences > Categories > Trust Manager > PDF File Attachments and clearing (unchecking) the box “Allow opening of non-PDF file attachments with external applications”

**DRC**SuperC · **Posted:** Wed Apr 07, 2010 7:41 pm

Why isn't it turned off in the first place?

**DRC**SIPPENHAFT · **Posted:** Mon Apr 12, 2010 2:35 pm

http://blogs.zdnet.com/security/?p=6075&tag=nl.e550

Adobe today announced plans to ship a critical security patch next Tuesday (April 13, 2010) to fix multiple high-risk security holes in its Reader and Acrobat product lines.

The patches will be released alongside a new automatic updater software that the company hopes will speed up the downloading and deployment of its security fixes. The security fixes in this Reader/Acrobat patch batch will apply to Windows, Macintosh and UNIX users.

**DRC**SIPPENHAFT · **Posted:** Wed Apr 14, 2010 1:08 pm

Critical flaws haunt Adobe PDF Reader, Acrobat

Adobe dropped a bumper patch for its PDF Reader and Acrobat today to fix 15 documented security holes that expose Windows, Mac and UNIX users to malicious hacker attacks.

The update is rated “critical” because of the risk of remote code execution attacks via rigged PDF files.

According to an advisory from Adobe, the vulnerabilities affect Adobe Reader 9.3.1 (and earlier versions) for Windows, Macintosh, and UNIX, Adobe Acrobat 9.3.1 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.1 (and earlier versions) and Adobe Acrobat 8.2.1 (and earlier versions) for Windows and Macintosh.

http://blogs.zdnet.com/security/?p=6135&tag=nl.e550

**DRC**SIPPENHAFT · **Posted:** Mon Apr 19, 2010 1:54 pm

Embedded PDF executable hack goes live in Zeus malware attacks

http://blogs.zdnet.com/security/?p=6196&tag=nl.e550

Das Rebellion Forums

Register

Login

Adobe Reader and targeted malware attacks

Print view

Previous topic | Next topic

Who is online

DAS INFORMATION