1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Critical Zero-Day Adobe PDF Bug Compromises Windows

Discussion in 'News' started by malware, Sep 21, 2007.

  1. malware New Member

    Joined:
    Nov 7, 2004
    Messages:
    5,476 (1.51/day)
    Thanks Received:
    956
    Location:
    Bulgaria
    A critical zero-day PDF bug in Adobe's Acrobat Reader has been discovered. The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user's machine can be loaded with malware that makes it open to a takeover. This PDF vulnerability is even worse than the QuickTime flaw in Mozilla Firefox fixed 2 days ago. Both Mozilla Firefox flaw and PDF bugs have been discovered by Petko D. Petkov, aka pdp. The story comes as warning to all users working with Acrobat Reader. Please be careful until a fix is released. Click here or read Petko's web blog for more information.

    Source: eWeek
     
  2. malware New Member

    Joined:
    Nov 7, 2004
    Messages:
    5,476 (1.51/day)
    Thanks Received:
    956
    Location:
    Bulgaria
    Hey, Petko is Bulgarian just like me, the man is becoming a legend. Two big flaws discovered by him in one week! :respect:
     
  3. Wile E

    Wile E Power User

    Joined:
    Oct 1, 2006
    Messages:
    24,324 (8.26/day)
    Thanks Received:
    3,778
    Hmmm, from reading his comments on his blog page, it seems it affects Foxit PDF reader as well, but to a lesser degree. Hope an update comes soon.
     
  4. WarEagleAU

    WarEagleAU Bird of Prey

    Joined:
    Jul 9, 2006
    Messages:
    10,797 (3.57/day)
    Thanks Received:
    546
    Location:
    Gurley, AL
    Man, it seems everything is getting infected these days.
     
  5. ex_reven New Member

    Joined:
    Sep 4, 2006
    Messages:
    5,225 (1.76/day)
    Thanks Received:
    171
    Meh, its no different to uploading a trojan laden .exe.
    Any file downloaded from the 'net should be expected to be a virus unless you explicitly know or trust the person, website providing the file.

    Is the PDF in question any more difficult for AV to pick up?
     
  6. Helvetica New Member

    Joined:
    Sep 13, 2007
    Messages:
    159 (0.06/day)
    Thanks Received:
    3
    If you download a questionable .exe file, run a virus scan before opening it. I hate PDFs anyway. I avoid them at all costs. Takes ages to load now matter how powerful your PC is.
     
  7. Wile E

    Wile E Power User

    Joined:
    Oct 1, 2006
    Messages:
    24,324 (8.26/day)
    Thanks Received:
    3,778
    Not if you use Foxit PDF Reader. http://www.foxitsoftware.com/pdf/rd_intro.php
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page