Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security IT

Foxit One-Ups Adobe In Blocking PDF Attack Tactics 112

Posted by kdawson from the can't-fox-us dept.
CWmike writes "Foxit Software, the developer of a rival PDF viewer to Adobe's vulnerability-plagued Reader, released an update on Tuesday that blocks some attacks with a 'safe mode' that's switched on by default. Foxit Reader 3.3 for Windows' 'Trust Manager' blocks all external commands that may be tucked into a PDF document. 'The Foxit Reader 3.3 enables users to allow or deny unauthorized actions and data transmission, including URL connection, attachment PDF actions, and JavaScript functions,' the update's accompanying text explains. Last week, several security companies warned of a major malware campaign that tried to dupe users into opening rigged PDFs that exploited an unpatched design flaw in the PDF format, one attackers could use to infect users of Adobe's and Foxit's software. That flaw in the PDF specification's '/Launch' function was disclosed in late March by Belgium security researcher Didier Stevens, who demonstrated how he could abuse the feature to run malware embedded in a PDF document. He also reported he had figured out how to change Adobe Reader's warning to enhance the scam."
This discussion has been archived. No new comments can be posted.

Foxit One-Ups Adobe In Blocking PDF Attack Tactics More

Foxit One-Ups Adobe In Blocking PDF Attack Tactics

Comments Filter:

  • Re:If Foxit Can Do It ... (Score:4, Interesting)

    by PPalmgren ( 1009823 ) on Tuesday May 04, 2010 @06:44PM (#32091988)

    Foxit has something to gain from this. For a long time, Adobe only had money to lose by spending anything on their dominant reader that you *had* to use. It appears they haven't lost that mindset.

  • Re:Hey! This thing has code! Were you expecting th (Score:1, Interesting)

    by Anonymous Coward on Tuesday May 04, 2010 @07:04PM (#32092140)

    It...won't work. Users are stupid. Not the programmers. The users.

    Do you trust the source of this? "Sure, I trust Chuck not to forward me a virus" Of course, they never think that chuck is forwarding Anna K nekkid pics from Bob, who got it from Albert, who got it from Zed, who got it from Debby...

    And of course, they'd never contemplate it might not actually be Chuck that sent it, but a virus Chuck opened up and scanned his inbox or address books. And that's just using issues that hit the streets over a decade ago.

    No, nobody would *ever* innovate with malware, and actually do something like reply all to current emails to make them context sensitive in a current thread chain.

    "Great point $SENDER, but there's a minor flaw. It's a bit hard to explain--but I've got it in this attachment... $CARBONCOPYLIST, can you confirm?"

    Or run a multi-stage attack... or spoof an administrator saying to apply something... or host an e-card as shadyporn.cum, please click in the link and login with your AOL userid to continue...

    No...users are the problem, and any amount of warnings you do will invariably result in one of two behaviors:
        1) they will be told by IT to hit "ignore" once, and they will hit ignore FOREVER MORE.
        2) they will be told it's dangerous by their nephew, and ignore it no matter what. If IT tells them to hit it "just once" they will either
                a] lie and not actually hit it, but say they did
                b] goto 1)

    Bottom line--all people between keyboard and chair known as "users" are fucking incapable of exercising any judgement, discretion, or common sense.

    Yeah, I'm in IT for a living. And my attitude isn't the problem. If you're incensed by this--you are.

  • Re:Evince (Score:1, Interesting)

    by Anonymous Coward on Tuesday May 04, 2010 @07:06PM (#32092170)

    ... or xpdf...

  • Re:If Foxit Can Do It ... (Score:4, Interesting)

    by Low Ranked Craig ( 1327799 ) on Tuesday May 04, 2010 @07:31PM (#32092354)
    I don't think it's so much that they are lousy, I think it's that most companies simply send over source code and a spec and expect a working product back. We code review all changes and over 70% of fixes/enhancements from the Indian dev team were rejected on the first go, as compared to less than 20% for the team in California. Of course since the VP of engineering is originally from India and the outsourcing is his baby, the program is "doing really well".

  • Re:Adobe is down down down (Score:3, Interesting)

    by Low Ranked Craig ( 1327799 ) on Tuesday May 04, 2010 @07:36PM (#32092396)
    +1 on PDF Xchange (for Windows) That was the only 64-bit reader I could find at the time and it worked really well. On my mac I simply go with Preview.app. Acrobat is a bloated pig and is to be avoided along with Flash, although I'll probably need to get a Core i7 box because I NEED Photoshop - I think Adobe took lessons from Microsoft on how to incorporate more bloat during Vista development.

  • Re:Why wasn't this implemented from day one? (Score:2, Interesting)

    by noidentity ( 188756 ) on Tuesday May 04, 2010 @07:42PM (#32092452)
    There's always someone who comes along and says "it'd be useful if you could do this", be it "execute code embedded in a PDF" or "not have to remember or enter an annoying PIN code number when using the ATM". Never mind that the costs of adding this outweigh the benefit, so it gets added. And at some point, someone creates a new, just-a-freakin'-reader, and the cycle begins anew. Depressing.

  • Re:If Foxit Can Do It ... (Score:2, Interesting)

    by RealGrouchy ( 943109 ) on Tuesday May 04, 2010 @10:30PM (#32093550)

    Indeed, one of my mac users was sent a PDF that had been marked up with Foxit by a volunteer. The markup only shows in Foxit reader, which is only available on Windows. A complete waste of the volunteer's time.

    - RG>

  • Re:If Foxit Can Do It ... (Score:3, Interesting)

    by lpq ( 583377 ) on Wednesday May 05, 2010 @12:07AM (#32094080) Homepage Journal

    Adobe has the mindset of a monopolist. In their markets they often are. There support is shoddy to non-existent and their innovation is down. A few years back to cement their position with their graphics tools as dominant (Photoshop et. al), they started requiring those wishing to develop plug-ins to adopt exclusive licensing with Adobe, where adobe could halt sales of their plug-in with any other competing product, if it was determined that it out-performed adobe's product. Most plugin developers don't bother with image editing products outside of photoshop now.

    Their licensing mechanism sucks... they sold me a bill of good about functionality, regarding products in there Creative Suite 4 package. I bought 3 of them separately -- turns out that their tools that ties all of the together 'Bridge' only will enable suite
    color management if it detects a package license, it won't enable separately bought pieces to work together. It only took me 3 months to get them to admit it was a broken conditional in their license processing in "Bridge" -- they then proceeded to issue me a new license -- for another single copy of photoshop. When I said that wasn't acceptable -- it had to be for all the products I'd purchased (because that's what the documentation says will work), they said I'd have to talk to customer service and would move it back there (I'd gone from customer service to technical, and then back again, and then technical and now again to C.S). That was about a month ago and I haven't heard from them since. Unfortunately I've been too tied up with other more pressing issues than to worry about their broken licensing model.

    But basically their support sucks -- they have some wiz bang products that do great things, but prey you don't need technical support.

    Their technical support people are way in over their heads (at least the ones I dealth
    with).

Slashdot Top Deals

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Close