A security weakness in the ubiquitous Acrobat Reader software could be a boon for cybercrooks, security experts warned Wednesday.
An error in the Web browser plug-in of Adobe Systems' tool lets cybercrooks co-opt the address of any Web site that hosts an Adobe PDF file for use in attacks, Symantec and VeriSign iDefense said. An attacker could construct seemingly trusted links and add malicious JavaScript code that will run once the link is clicked, they said.
For example, an attacker could find a PDF file on a bank Web site and then create a hostile link to that file along with malicious JavaScript, Ken Dunham, director of the Rapid Response Team at VeriSign iDefense, said in a statement.
Just installed Foxit, very impressed with its speed and works well with IE 7.
A better explanation of the flaw:
The vulnerability in Adobe Reader's browser plug-in, which was publicized Wednesday by several security companies, can let hackers force trusted Adobe PDF (Portable Document Format) files to run malicious JavaScript code on victimized PCs.
Early Wednesday, Symantec researchers insisted that only Firefox 1.5 and Opera 9.10 were vulnerable to a possible exploit; by Thursday, however, additional research had confirmed that some versions of Internet Explorer are at risk. According to an updated DeepSight threat network alert, IE 6.0 on XP SP2 equipped with Adobe Reader 6, as well as IE 6 on XP SP1 running Reader 7, are vulnerable. Also at risk: Firefox 1.5, Firefox 2.0, and Opera 9.10 when running either Reader 6 or 7.
"Version 6 of Internet Explorer is impacted," says David Cole, director of Symantec's security response group. "The best way for enterprises and users to protect themselves is to update Adobe Reader."
Late Wednesday, Adobe said that Reader 8.0, which was launched a month ago, was invulnerable to the cross-site scripting (XSS) bug, and recommended that all users update to that version immediately. "We encourage all users to update to this latest version of Adobe Reader," an Adobe spokesman wrote in an e-mailed statement. "[We are] also working on updates to previous versions that will resolve this issue." Fixes will be posted to Adobe's security site when they are completed, he added.
A recently discovered security weakness in the widely used Acrobat Reader software could put Net users at more risk than previously thought, experts warned Thursday.
Initially, security professionals thought that the problem was restricted and exposed only Web-related data or could support phishing scams. Now it has been discovered that miscreants could exploit the problem to access all information on a victim's hard disk drive, said Web security specialists at WhiteHat Security and SPI Dynamics.
Key to increased access is where hostile links point. When the issue was first discovered, experts warned of links with malicious JavaScript to PDF files hosted on Web sites. While risky, this actually limits the attacker's access to a PC. It has now been discovered that those limits can be removed by directing a malicious link to a PDF file on a victim's PC.
Probably a good reason to use something like Foxit Reader, although via the JavaScript Support add-on Foxit Reader also supports JavaScript in PDF documents.