Forum Home |  MWR University |  New to the Board? |  IRC Chatroom |  Who Runs This Site? |  ASAP Members |  Microsoft MVP Members |  Downloads |  Good & Bad P2P Programs |  Our Rules

MalWare Removal Forum

Malware Removal University - Teaching people how to support those with infected computers - Teaching them to never give up untill your computer is clean and secure.

Tutorials (etc.) : Boot to Safe Mode - Safely - What to do if your Computer's running slowly
It is currently Sun 19 May, 2013 5:03 pm

View unanswered posts | View active topics


Board index » News, etc. » News Desk

All times are UTC [ DST ]

Forum rules


The Software Update Topics that are located at the top of the Topic List are only to be updated and/or posted to by members of the Malware Removal University, whose responsibility it is to maintain those topics.

Regular Members are welcome to start and/or contribute to all other topics, and are encouraged to do so.



Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 
  Previous topic | First unread post | Next topic 
Author Message
Sludge3000
 Post subject: Temporary solution for Adobe bug
New postPosted: Thu 08 Apr, 2010 9:26 am 
Offline
Regular Member
User avatar

Joined: Wed 15 Apr, 2009 8:47 pm
Posts: 679
Location: Somewhere fluffy
Quote:
The attack was first demonstrated last week by researcher Didier Stevens. By misusing a feature contained in the PDF specification, his proof-of-concept attack showed how hackers could embed a malicious payload in a document and trick Adobe's Reader and Acrobat applications - as well as the competing FoxIT Reader - into executing it.

Quote:
In the meantime, users who have no need for the automatic launch feature (and we're guessing this is 90 percent or more of them) can mitigate the threat by modifying their Reader or Acrobat preferences. To do this, go to Edit > Preferences and click on Trust Manager in the left pane. Then, uncheck the box for "Allow opening of non-PDF file attachments with external applications."


Full story @ The Register

Top
 Profile E-mail  
 
Sludge3000
 Post subject: Re: Temporary solution for Adobe bug
New postPosted: Fri 16 Apr, 2010 9:10 am 
Offline
Regular Member
User avatar

Joined: Wed 15 Apr, 2009 8:47 pm
Posts: 679
Location: Somewhere fluffy
UPDATE - Bug now being abused in the wild.

Quote:
Criminals behind the notorious Zeus crimeware package have begun exploiting an unpatched hole in the widely used portable document format to install malware on end user computers.

The booby-trapped PDF documents arrive in emails that purport to contain a billing invoice, according to a post from M86 Security Labs. If the user opens the documents and clicks through a series of dialog boxes, PDF readers from Adobe will execute a file that makes the PC a part of a botnet (The FoxIT reader will automatically save the malicious file on the user's hard drive.)


Full story @ The Register

Blog post @ m86 security
_________________

Top
 Profile E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 

Board index » News, etc. » News Desk

All times are UTC [ DST ]

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.

Member site: Alliance of Security Analysis Professionals | UNITE Against Malware

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group