funsec mailing list archives
Malware spectre haunts Adobe Reader
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Sat, 22 Sep 2007 08:29:35 -0400
I wonder why it took so long for someone to take a close look at Adobe Reader and PDF files for security flaws.... Richard http://www.theregister.com/2007/09/21/pdf_peril/ Malware spectre haunts Adobe Reader PDF peril By John <http://forms.theregister.co.uk/mail_author/?story_url=/2007/09/21/pdf_peril /> Leyden → More by this <http://search.theregister.com/?author=John%20Leyden> author Published Friday 21st September 2007 15:58 GMT Adobe Reader may be subject to a security hole that creates a means for hackers to take over vulnerable Windows boxes simply by opening a maliciously constructed PDF document. Gray hat hacker Petko Petkov, who first discovered the bug, omits details of the supposed flaw. He said <http://www.gnucitizen.org/blog/0day-pdf-pwns-windows> security concerns over the potency of the flaw alongside concerns over the time it might take for Adobe to come up with a fix have prompted him to hold back from publishing proof of concept code. By way of illustration, a video clip published by Petkov depicts how Windows calculator starts when a PDF document is opened. The same approach might be used to launch a malicious payload. Petkov verified the bug on Windows XP SP2 with the latest Adobe Reader 8.1, 8.0 and 7. Previous versions - as well as other PDF viewers - might also be affected. Windows Vista users, however, are projected against the attack, according to Petkov. ...
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Malware spectre haunts Adobe Reader Richard M. Smith (Sep 22)
- Re: Malware spectre haunts Adobe Reader security curmudgeon (Sep 26)