Oiltalk    

  HomeLog InRegisterCommunity CalendarSearch the ForumHelp
   
Oiltalk > General Information > Tech Support > Hackers Further Exploit PDF Vulnerability Ahead of Patch  Forum Quick Jump
 
You cannot post new topics in this forum. You cannot reply to topics in this forum. Printable Version
[ << Previous Thread | Show Newest Post First ]

Forum Administrator
Forum Moderator


Date Joined Mar 2006
Total Posts : -56
 
   Posted 1/8/2010 10:00 AM (GMT -6)    Quote This PostAlert An Admin About This Post.
Non-fans of the PDF file format now have one more reason to harbor negative feelings towards it. Hackers have found another way to exploit a vulnerability on a rather large scale, and it's supposed to be five more days before Adobe puts a fix in place.

Jessa De La Torre, a threat response engineer at Trend Micro, explained the latest danger in a blog post, writing, "The sample (detected by Trend Micro as TROJ_PIDIEF.WIA) uses the heap spray technique to execute shellcode in its stream. As a result, a malicious file detected as BKDR_POISON.UC is dropped into the system."

De La Torre then continued, "When executed, BKDR_POISON.UC opens an instance of Internet Explorer and connects to a remote site, cecon.{BLOCKED}-show.org. Once connected, a malicious user may execute any command on the affected system."

And Adobe's announced that it won't provide a patch until Tuesday, January 12th.

Of course, standard be-careful-what-you-click-on practices will go a long way toward keeping people safe from this threat.

Individuals can do something else to protect themselves while Adobe readies its solution, too: users of Adobe Reader or Acrobat have the option of either utilizing the javascript Blacklist Framework, or manually disabling javascript if that seems easier.

Also, one other positive, semi-related story is that Adobe's working on a new update utility designed to automatically apply patches.

Maybe PDF's critics will find a little less to get upset about in the future, then.

www.SecurityProNews.com
Back to Top
 
You cannot post new topics in this forum. You cannot reply to topics in this forum. Printable Version
 
Forum Information
Currently it is Thursday, April 17, 2014 1:45 PM (GMT -6)
There are a total of 3,613 posts in 504 threads.
In the last 3 days there were 0 new threads and 0 reply posts. View Active Threads
Who's Online
This forum has 1634 registered members. Please welcome our newest member, thebigleebowski.
7 Guest(s), 0 Registered Member(s) are currently online.  Details

 
     
This page is copyrighted (all rights reserved) by Canadian Wellsite Inc., Calgary, Alberta, Canada
| Privacy Policy |