• We've upgraded our forums. Please post any issues/requests in this thread.

Critical Zero-Day Adobe PDF Bug Compromises Windows

malware

New Member
Joined
Nov 7, 2004
Messages
5,422 (1.13/day)
Likes
954
Location
Bulgaria
Processor Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard GIGABYTE GA-P35-DS3P rev.2.0
Cooling Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory 4x1 GB PQI DDR2 PC2-6400
Video Card(s) Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage 2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s) BenQ G2400W 24-inch WideScreen LCD
Case Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s) Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply Chieftec CFT-1000G-DF 1kW
Software Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer
#1
A critical zero-day PDF bug in Adobe's Acrobat Reader has been discovered. The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user's machine can be loaded with malware that makes it open to a takeover. This PDF vulnerability is even worse than the QuickTime flaw in Mozilla Firefox fixed 2 days ago. Both Mozilla Firefox flaw and PDF bugs have been discovered by Petko D. Petkov, aka pdp. The story comes as warning to all users working with Acrobat Reader. Please be careful until a fix is released. Click here or read Petko's web blog for more information.

Show full news post
 

malware

New Member
Joined
Nov 7, 2004
Messages
5,422 (1.13/day)
Likes
954
Location
Bulgaria
Processor Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard GIGABYTE GA-P35-DS3P rev.2.0
Cooling Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory 4x1 GB PQI DDR2 PC2-6400
Video Card(s) Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage 2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s) BenQ G2400W 24-inch WideScreen LCD
Case Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s) Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply Chieftec CFT-1000G-DF 1kW
Software Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer
#2
Hey, Petko is Bulgarian just like me, the man is becoming a legend. Two big flaws discovered by him in one week! :respect:
 

Wile E

Power User
Joined
Oct 1, 2006
Messages
24,318 (5.94/day)
Likes
3,682
System Name The ClusterF**k
Processor 980X @ 4Ghz
Motherboard Gigabyte GA-EX58-UD5 BIOS F12
Cooling MCR-320, DDC-1 pump w/Bitspower res top (1/2" fittings), Koolance CPU-360
Memory 3x2GB Mushkin Redlines 1600Mhz 6-8-6-24 1T
Video Card(s) Evga GTX 580
Storage Corsair Neutron GTX 240GB, 2xSeagate 320GB RAID0; 2xSeagate 3TB; 2xSamsung 2TB; Samsung 1.5TB
Display(s) HP LP2475w 24" 1920x1200 IPS
Case Technofront Bench Station
Audio Device(s) Auzentech X-Fi Forte into Onkyo SR606 and Polk TSi200's + RM6750
Power Supply ENERMAX Galaxy EVO EGX1250EWT 1250W
Software Win7 Ultimate N x64, OSX 10.8.4
#3
Hmmm, from reading his comments on his blog page, it seems it affects Foxit PDF reader as well, but to a lesser degree. Hope an update comes soon.
 

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,809 (2.59/day)
Likes
529
Location
Gurley, AL
System Name Boddha Getta Boddha Getta Bah!
Processor AMD FX 6100 @ 4.432Ghz @1.382
Motherboard ASUS M5A99X EVO AMD 990X AMD SB950
Cooling Custom Water. EK 240MM Kit, Supreme HSF - Runs 35C
Memory 2 x 4GB Corsair Vengeance White LP @ 1.35V
Video Card(s) XFX Radeon HD 6870 980/1100
Storage WD Caviar Black 1.0TB, WD Caviar Green 1.0TB, WD 160GB
Display(s) Asus VH222/S 22: (21.5" Viewable) 1920x1080p HDMI LCD Monitor
Case NZXT White Switch 810
Audio Device(s) Onboard Realtek 5.1
Power Supply NZXT Hale 90 Gold Cert 750W Modular PSU
Software Windows 8.1 Profession 64 Bit
#4
Man, it seems everything is getting infected these days.
 

ex_reven

New Member
Joined
Sep 4, 2006
Messages
5,217 (1.27/day)
Likes
159
#5
Hmmm, from reading his comments on his blog page, it seems it affects Foxit PDF reader as well, but to a lesser degree. Hope an update comes soon.
Meh, its no different to uploading a trojan laden .exe.
Any file downloaded from the 'net should be expected to be a virus unless you explicitly know or trust the person, website providing the file.

Is the PDF in question any more difficult for AV to pick up?
 

Helvetica

New Member
Joined
Sep 13, 2007
Messages
159 (0.04/day)
Likes
2
Processor Intel Core 2 Quad Q6600 Kentsfield 2.4GHz
Motherboard ASUS P5K-E/WIFI-AP
Memory 2GB DDR2 800mhz
Video Card(s) HD2900XT
Storage WD 10,000RPM
Display(s) 1920x1200
Audio Device(s) Creative
Power Supply 700w
#6
If you download a questionable .exe file, run a virus scan before opening it. I hate PDFs anyway. I avoid them at all costs. Takes ages to load now matter how powerful your PC is.
 

Wile E

Power User
Joined
Oct 1, 2006
Messages
24,318 (5.94/day)
Likes
3,682
System Name The ClusterF**k
Processor 980X @ 4Ghz
Motherboard Gigabyte GA-EX58-UD5 BIOS F12
Cooling MCR-320, DDC-1 pump w/Bitspower res top (1/2" fittings), Koolance CPU-360
Memory 3x2GB Mushkin Redlines 1600Mhz 6-8-6-24 1T
Video Card(s) Evga GTX 580
Storage Corsair Neutron GTX 240GB, 2xSeagate 320GB RAID0; 2xSeagate 3TB; 2xSamsung 2TB; Samsung 1.5TB
Display(s) HP LP2475w 24" 1920x1200 IPS
Case Technofront Bench Station
Audio Device(s) Auzentech X-Fi Forte into Onkyo SR606 and Polk TSi200's + RM6750
Power Supply ENERMAX Galaxy EVO EGX1250EWT 1250W
Software Win7 Ultimate N x64, OSX 10.8.4
#7