PDF Files, Again, Used To Deliver Maicious Code

Forum Moderators: phranque

Message Too Old, No Replies

PDF Files, Again, Used To Deliver Maicious Code

engine

11:19 am on Oct 27, 2007 (gmt 0)

Emails containing malicious PDF files have been putting computers at risk since Friday, Finnish security software firm F-Secure said on Saturday.
"The emails sent in bulk looked like credit card statements, and contained an attachment called 'report.pdf'," its chief research officer Mikko Hypponen said in a statement.

PDF Files, Again, Used To Deliver Maicious Code [uk.reuters.com]

Once again, we see this problem arising.

Please check you have the latest PDF reader to help combat security loopholes.

amznVibe

2:07 pm on Oct 27, 2007 (gmt 0)

I got tired about worrying if Adobe was disclosing all know issues in the first place and/or upgrading all the time - so I tried switching to the hyped "Foxit" reader (free version) and it does seem to work well. It's very small & fast actually. Reminds me of old Acrobat Reader 4.0

Robert Charlton

5:37 pm on Oct 27, 2007 (gmt 0)

Apparently, the underlying problem is in Windows, and Microsoft has acknowledged it.

Microsoft Circles Wagons Over Windows Security Threat [crn.com]

Microsoft is sounding the alarm over exploits that appeared this week for an unpatched bug in Windows, warning customers that third party patches don't address the underlying vulnerability....
....Windows users who have applied the patches that Adobe issued earlier this week for Acrobat and Reader are protected from that particular exploit. But because the flaw affects a core part of Windows known as the ShellExecute function, "these third party updates do not resolve the vulnerability -- they just close an attack vector," Sisk wrote.