It seems some sites are exploiting an insecure default setting in Adobe Reader. Instructions for fixing Adobe Reader are here (note you must do it for every user account on the machine)...
http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html
Zeus botnet exploits unpatched PDF flaw
http://www.computerworld.com/s/article/9175612/Zeus_botnet_exploits_unpatched_PDF_flaw
Adobe said: As we investigate this, users can use the following method to further mitigate against this risk. For consumers, open up the Preferences panel and click on "Trust Manager" in the left pane. Clear the check box "Allow opening of non-PDF file attachments with external applications".
... or use an alternative like Foxit Reader.
Edit: Apparently Foxit Reader has the same flaw w/ any software revision older than the current version 3.2.0.0303
Authorization Bypass When Executing An Embedded Executable.
SUMMARY
Fixed a security issue that Foxit Reader runs an executable embedded program inside a PDF automatically without asking for user’s permission.
http://www.foxitsoftware.com/pdf/reader/security.htm#0401