Hardware Canucks

Hardware Canucks (http://www.hardwarecanucks.com/forum/)
-   O/S's, Drivers & General Software (http://www.hardwarecanucks.com/forum/o-ss-drivers-general-software/)
-   -   Adobe Reader zero-day attack now with stolen certificate (http://www.hardwarecanucks.com/forum/o-ss-drivers-general-software/36062-adobe-reader-zero-day-attack-now-stolen-certificate.html)

jay51 September 9, 2010 12:38 PM

Adobe Reader zero-day attack now with stolen certificate
 
Today Adobe put out an advisory for a previously unknown zero-day in its PDF Reader/Acrobat software. This vulnerability is actively being exploited in the wild.
Adobe Reader zero-day attack – now with stolen certificate - Securelist
Quote:

Security Advisory for Adobe Reader and Acrobat

Release date: September 8, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883
Platform: All
Summary

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Affected software versions

Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.
Severity rating

Adobe categorizes this as a critical issue.
Details

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of public exploit code for this vulnerability.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date
another reason to use foxit reader.

enaberif September 9, 2010 01:37 PM

Why the hell do people STILL use acrobat?

Its a big piece of poo!

Foxit is far better and faster.

Desiato September 9, 2010 01:40 PM

foxit has its issues too. pdf security through simplicity: Sumatra PDF viewer by Krzysztof Kowalczyk

DCCV44.2223 September 9, 2010 03:25 PM

PDF specs allow files to be embedded, executables to be launched and of course javascript is enabled by default (Foxit does that too), why are people surprised when there are frequent security problems with it.

Their advisory is kinda useless too when no information on workarounds and mitigating factors are included, e.g., does disabling scripting help, or can it break out of IE's protected mode in Vista/W7.

The next version of Acrobat will run in protected mode but maybe they should also nuke and trim the specs too.

DCCV44.2223 September 13, 2010 02:42 PM

Workaround posted:

Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit - Security Research & Defense - Site Home - TechNet Blogs

ipaine September 13, 2010 08:42 PM

Quote:

Originally Posted by enaberif (Post 426709)
Why the hell do people STILL use acrobat?

Its a big piece of poo!

Foxit is far better and faster.


While I mostly agree, I have run into pdf's that I can not open with foxit. Mind you these were editable forms but the fact is I couldn't open them with Foxit. It is because of the odd ones that only seem to be able to get opened with Adobe, that I have to stick with it for my machines at work.

bojangles September 14, 2010 08:20 AM

Quote:

Originally Posted by enaberif (Post 426709)
Why the hell do people STILL use acrobat?

Its a big piece of poo!

Foxit is far better and faster.

Maybe if internet browsers recommended a different PDF reader than Adobe, THEN maybe people would stop using it. I don't know many people that use Foxit, heck I still use Adobe because it integrates better. People just need to surf safely and they won't run into any problems.

MacJunky September 14, 2010 05:02 PM

I use foxit, but I keep all integration with other things disabled. I hate when pdfs open in my browser; I would rather just download em and browse from there.


All times are GMT -7. The time now is 12:40 AM.