
Adobe PDF Exploits In the Wild

Posted by CmdrTaco
from the junkbusters-are-better-than-virus-scanners dept.
mambosauce writes "Brian Krebs, via the Security Fix blog, is reporting that the recent PDF vulnerabilities which were patched only for Adobe Reader 8 and not 7 are being exploited via banner ads. As if there haven't been enough banner ad attacks this year, now we have another one targeting one of the most popular applications in the world this weekend. At this rate there won't be many safe applications left to use."

  • by Anonymous Coward on Saturday February 09, 2008 @01:38PM (#22361204)
    That's what foxit and kpdf are for.
  • by dotancohen (1015143) on Saturday February 09, 2008 @02:01PM (#22361396) Homepage
    This is NOT "Adobe PDF Exploits In the Wild" but rather "Adobe Acrobat Reader Exploits In the Wild". The problem is in Reader, not in PDF. That's like calling Outlook scripting worms "email viruses". Oh, wait, blame the technology, not the software. Sorry, I forgot.
  • by FudRucker (866063) on Saturday February 09, 2008 @02:16PM (#22361490)
    in case anyone is interested kpdf is part of KDE's kde-graphics package...
  • by slaingod (1076625) on Saturday February 09, 2008 @02:29PM (#22361572) Homepage
    Except the problem is with Acrobat Reader, not Flash.
  • by JackieBrown (987087) <dbroome@gmail.com> on Saturday February 09, 2008 @02:32PM (#22361606)
    Okular in kde4
  • by Nemilar (173603) on Saturday February 09, 2008 @02:35PM (#22361632) Homepage
    Seriously, Adobe Reader has gotten huge in terms of file size, when compared to xpdf/kpdf/foxit/etc. I'm wondering if someone can explain to me what all this extra code is for? Obviously it must be doing something, but personally I've never seen the difference.
  • disable javascript (Score:5, Informative)

    by bcrowell (177657) on Saturday February 09, 2008 @02:45PM (#22361706) Homepage

    The article doesn't say explicitly, but I'm assuming this is related to the fact that the default configuration of AR will execute javascript that's embedded in pdf files. This is both a privacy issue (people can track readers) and a security issue (more than one stack overflow bug has been discovered that's related to js). To disable js, go to Edit, Preferences, JavaScript, and uncheck "Enable Acrobat JavaScript".

    There have been a lot of posts along the lines of "why the hell even use AR?" Well on Linux, I actually have Firefox set to open pdf files in xpdf, because it's faster, and I also habitually use xpdf to view pdf files when I'm not in a browser. (Evince is a little slower, but a little more full-featured and modern.) But I also have a copy of AR 8 installed on my Linux box, because it has some features that I find really useful once in a while, and also I want to be able to test my pdf files sometimes and make sure they'll look right for AR users. It's one of only two proprietary apps I have on my machine, the other being Flash. It would be great if the OSS community could produce a pdf viewer that was just a little more full-featured than Evince. (Flash is a whole different issue -- many of the things Gnash can't do, it can't do because of patents.)

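The comment above gives the defensive side (turn off Acrobat JavaScript in Reader's preferences). The other half of the job is telling which PDFs actually carry the hooks such an attack needs before anyone opens them. The following is an added example, not code from the original page, from Adobe, or from the Security Fix article: a small Python triage script that counts the PDF name tokens that let a document run script or fire an action on open (/JavaScript, /JS, /OpenAction, /AA, /Launch), resolves the #xx hex escapes that are used to hide those names from naive greps, and inflates FlateDecode streams so names buried in compressed objects are still seen. The three PDFs embedded at the bottom are constructed for the demonstration and contain no exploit. The name list, the hex-escape handling and the "any hit means look closer" rule are my choices, not Adobe's; it is a heuristic, not a PDF parser, so a miss is not a clean bill of health.

```python
"""Triage PDFs for the hooks an exploit delivered via a banner ad would lean on.

Added example (not from the original page or from Adobe). Heuristic only:
a hit means "do not open this in Adobe Reader with JavaScript enabled", not
"this is an exploit"; a miss is not proof the file is clean.
"""
import re
import zlib
from typing import Dict, List

# Name tokens that give a PDF a way to execute script or fire an action on open.
# Chosen for this example; extend to taste.
SUSPICIOUS_NAMES = frozenset({"JavaScript", "JS", "OpenAction", "AA", "Launch"})

# A PDF name is "/" followed by anything that is not whitespace or a delimiter.
NAME_RE = re.compile(rb"/([^\s/\[\]<>(){}%]+)")
# Stream bodies sit between "stream<eol>" and "<eol>endstream".
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def decode_pdf_name(raw: bytes) -> str:
    """Resolve #xx hex escapes in a name: b'J#61vaScript' -> 'JavaScript'."""
    unescaped = re.sub(rb"#([0-9A-Fa-f]{2})",
                       lambda m: bytes([int(m.group(1), 16)]), raw)
    return unescaped.decode("latin-1")


def inflate_streams(data: bytes) -> List[bytes]:
    """Return the bodies of every stream that inflates as zlib (FlateDecode)."""
    bodies = []
    for m in STREAM_RE.finditer(data):
        try:
            bodies.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # uncompressed, or a filter this example does not handle
    return bodies


def scan_pdf(data: bytes) -> Dict[str, int]:
    """Count suspicious names in the raw file and in all inflated streams."""
    counts: Dict[str, int] = {}
    for chunk in [data, *inflate_streams(data)]:
        for m in NAME_RE.finditer(chunk):
            name = decode_pdf_name(m.group(1))
            if name in SUSPICIOUS_NAMES:
                counts[name] = counts.get(name, 0) + 1
    return counts


def is_suspicious(data: bytes) -> bool:
    """Triage rule used here: any hit is enough to route the file elsewhere."""
    return bool(scan_pdf(data))


# --- constructed samples for the demonstration (not real malware) -------------
BENIGN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# Runs script on open; /JavaScript is hex-escaped as /J#61vaScript to dodge
# a plain grep for the word.
JS_ON_OPEN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
4 0 obj << /S /J#61vaScript /JS (app.alert(1)) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""


def _flate_object(body: bytes) -> bytes:
    """Wrap body in a FlateDecode stream object (object 5) for the sample."""
    comp = zlib.compress(body)
    return (b"5 0 obj << /Length %d /Filter /FlateDecode >>\nstream\n" % len(comp)
            + comp + b"\nendstream endobj\n")


# Same action dictionary, but hidden inside a compressed stream so the names
# never appear in the raw bytes.
COMPRESSED_JS_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 5 0 R >> endobj\n"
    + _flate_object(b"<< /S /JavaScript /JS (app.alert(1)) >>")
    + b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for label, pdf in (("benign", BENIGN_PDF), ("js-on-open", JS_ON_OPEN_PDF),
                       ("compressed-js", COMPRESSED_JS_PDF)):
        print(label, scan_pdf(pdf), "SUSPICIOUS" if is_suspicious(pdf) else "ok")
```

To use it on real files, read them in binary mode and pass the bytes to scan_pdf; on a proxy or mail gateway the same function can gate PDFs served from ad networks before they reach a Reader 7 install that will never see a patch.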
  • by SanityInAnarchy (655584) <ninja@slaphack.com> on Saturday February 09, 2008 @03:06PM (#22361882) Journal
    *cough* *sputter* What?

    Slashdotters always making me spill my coffee...

    Oh, I see... is the issue that people are running older versions of Acrobat?

    If they can't be bothered to upgrade to the latest version, what makes you think they'll patch themselves? Are you suggesting that the big advantage of me running Free Software here is that I could be running kpdf 0.2 and patch the security holes? Or are you suggesting that someone who can't be bothered to update their software is going to have a better time of it on Linux, for which I've never seen a built-in, GUI way to force auto-updates?

    Of course, if you were going to suggest that Free Software doesn't have security bugs, I'd really have to laugh in your face...
  • Hello? Flash?! (Score:3, Informative)

    by Dachannien (617929) on Saturday February 09, 2008 @03:14PM (#22361962)
    People have been doing this with Flash (another now-Adobe product) for ages. One flash ad redirects you to a second flash widget on a malicious website to get around Adobe's lame attempts at cross-site protection, and that second flash ad gives you the business.

    Malware, that is. Intarweb gold. Russian tea.

  • Re:lynx (Score:4, Informative)

    by McDutchie (151611) on Saturday February 09, 2008 @03:19PM (#22362004) Homepage

    Good old lynx. Surfing the web in text-only since the beginning of internet time.

    I know you were kidding, but it's still worth pointing out that Lynx is not necessarily safer than any other app [google.com].

  • by Futil3 (931900) on Saturday February 09, 2008 @03:20PM (#22362026)
    Sumatra PDF [kowalczyk.info] is a very speedy and free (GPLv2) reader for the Windows people. (no affiliation, just a happy user.)
  • Re:I have both... (Score:4, Informative)

    by whoever57 (658626) on Saturday February 09, 2008 @03:25PM (#22362068) Journal

    But I also have it because it has one feature I dearly wish kpdf did: the ability to rotate the rendered PDF.
    Evince can do this.
  • by Anonymous Coward on Saturday February 09, 2008 @04:34PM (#22362606)
    Yes but ...
    * Can FoxitReader view Flash, WMV, Real and Quicktime content embedded into PDF files?
    * Can FoxitReader edit PDF files if they have been encrypted and signed using Reader Extensions Server?
    * Can FoxitReader let its user participate in PDF reviews?
    * Does FoxitReader support submitting forms to a server backend using XML?
    * Does FoxitReader let you participate in online meetings using Adobe Acrobat Connect?
    * Does FoxitReader let you condense PDF files into a booklet?
    * Can you sign documents with FoxitReader if they have been flagged as such?
    * Does FoxitReader support OpenGL accelerated embedded 3D content?
    * Does FoxitReader support DirectX and other accelerated graphics APIs?

    I am getting tired of all the Adobe Reader bashing from people who do not understand how capable this product really is. It can pretty much do everything that Acrobat Professional can do if the PDF signature permits it to. It's a piece of software aimed at everyone, from corporations to home users. Adobe Reader is pretty much Adobe Acrobat without the save feature enabled by default and the PDF Writer.
  • Google to the rescue (Score:4, Informative)

    by plover (150551) * on Saturday February 09, 2008 @06:03PM (#22363430) Homepage Journal
    A quick Google turned up this list [daube.ch] of plugins, so if you want to pick and choose which bits of extreme uselessness you want to avoid, it makes it a bit easier. Seriously, does anybody think it's a good idea to let a PDF send an email?

    Anyway, if you remove any of those files from your Reader/plug_ins folder, Acrobat Reader won't load them at launch time. It speeds up loading time of ordinary PDFs tremendously.

    What I really really don't understand is why Acrobat Reader doesn't dynamically load those plug-ins only upon demand? Seriously, why does it need to bring in any of that extra code just to display a catalog page from a web site? Digital signatures? If the PDF doesn't have one, I don't need to load the code to verify it. Accessibility? I'm not handicapped, I don't need or use a screen reader, ever. eBooks? I've never bought one, and probably won't for many years to come. And I never, ever, ever want to let a PDF send an email. That's just WRONG.

    It's a tremendous load of crap, made worse by their "always load, just in case" philosophy.

  • by Anonymous Coward on Saturday February 09, 2008 @06:20PM (#22363592)
    SumatraPDF is a free, open source PDF reader for Windows.
    It is light-weight, ~1 megabyte.

    http://blog.kowalczyk.info/software/sumatrapdf/ [kowalczyk.info]
