IT Consulting, Network Security, System Integration & Vulnerability Assessment Provider
Home
Events
Support
About
Vendors
Careers
 
News & Events
 
Events List
 
Register for Event
 
Indiana Jones
Back To News Article List
Security bug found in PDF reader
Industry News
Tue 1/9/2007 12:33 pm
Millions of people use the reader software to view documents prepared in the popular PDF format.

Security researchers said malicious hackers exploiting the flaw could view victim's hard drives or use it to make phishing scams look more plausible.

So far there is no evidence that the bug is being exploited in the wild.

The flaw is found in the web browser plug-in of the Adobe Reader software. Ordinarily this allows PDF documents to be viewed in a browser window.

But by exploiting the flaw hi-tech criminals could use links to PDF files stored on any website to attack vulnerable Windows PCs.

Information about the flaw in the Adobe reader software was first revealed at the annual conference of the Chaos Computer Club - a venerable German hacker group.

Since then security researchers have investigated and found that it could also be used to view files on the hard drive of a vulnerable PC.

Writing about the flaw Symantec security researcher Hon Lau said: "The ease [with] which this weakness can be exploited is breathtaking."

So far no cyber criminals are thought to be actively exploiting the Adobe Reader flaw but code to do so has been produced.

Initially it was thought that only users of the Firefox web browser were at risk but now it is known that Internet Explorer users are vulnerable too.

Upgrading to version 8 of the Adobe Reader software removes the risk of falling victim to the flaw.

 
Announcements

Creative Breakthroughs Hires SIS Guru to Expand Their Education Vertical Focus

Tue 3/18/2008
Sean Blenkhorn has been named to the newly-created position of Education Practice Lead for CBI’s Business Development team.   
Read More...

SC Magazine Gives Cyberoam CR1000i 5 Stars

Fri 3/14/2008
The Cyberoam 1000i appliance comes fully loaded with many great features for broad gateway security...We found this device to perform very well under testing.   
Read More...

Juniper makes enterprise switch foray, takes aim at Cisco

Wed 1/30/2008
Juniper leveraging heritage in carrier-class routing, consistent operating system to target enterprise Ethernet   
Read More...

‘Private’ messages often open secrets

Mon 1/28/2008
Don’t send any text messages or e-mails you don’t want to see in the newspaper was a lesson Detroit Mayor Kwame Kilpatrick learned last week, and one repeated by area attorneys and business consultants.   
Read More...
Search
Site Map
Solutions
Services
Training
Staffing
Managed Services
©2007 Creative Breakthroughs, Inc. All rights reserved.