Attackers Infect Ads With Old Adobe Vulnerability 70
thethibs writes "eWeek is reporting that just as everyone is buzzing about the latest Adobe vulnerability, someone poisoned ads hosted by Ziff-Davis with an older Adobe exploit (affecting versions 8.12 and earlier, and long since patched). Z-D fixed the problem less than 24 hours after its first appearance. The interesting bit of this is that a bunch of people probably got hit with the old Trojan when they browsed to a story about the new one."
another good reason...... (Score:5, Interesting)
to run scripts selectively ....
Which I do, and with no script the way I have... *shrugs* the little extra hassle is worth all the benefits!
So what exactly happened? (Score:5, Interesting)
So what servers were actually compromised by hackers? According to the article, Stephen Wellman, director of community and content for Ziff Davis Enterprise, says no ZD web sites were compromised and it "was not our fault." Whose fault was it? Does ZD use a third-party advertising service? If so, does anyone else use that same advertising service? If ZD runs its own ad servers, how is this not ZD's fault?
Re:Documents are not applications (Score:1, Interesting)
Actually, the early history of the evolution of the graphical web browser--after NCSA Mosaic was first released--tends to show the first ones to try to make an otherwise static HTML document have state (via cookies) and dynamic content (via LiveScript which later became JavaScript) would have been the ones who brought those features to the web in a *Netscape Navigator* release version.
So I tend to go ahead and blame them for de-facto planting the early seeds that allowed for privacy risks and web page vulnerabilities as the technology evolved and also got extended in various ways, rather than improperly blaming Microsoft.
Re:Documents are not applications (Score:4, Interesting)
You mean, like when a text file starts behaving like a program? What about simple text files with '#! /bin/sh' on the first line?
Unix had it right: everything is a file. Period. Programs, data ports, IP connections, shell scripts. All files. simple, human-understandable permissions. This isn't anything to do with Microsoft, it's just the natural order of developers scratching their itch.
Re:Adobe what? (Score:3, Interesting)
I find that most people who just say "Adobe" mean Adobe Photoshop. Apparently this guy meant Adobe Acrobat Reader. I suspected perhaps he meant Adobe Flash Player. Oh well.
This explains those random PDFs on my desktop (Score:3, Interesting)
It seems that I was fortunate. I never opened them since I didn't know where they came from, they went straight to the bin.