 How to protect yourself from the Adobe Reader PDF JavaScript Vulnerability |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.  |
 Feb 27 2009, 11:07 PM
Post
#46
|
|
 Distinguished Member  Group: Members Posts: 851 Joined: 6-August 08 From: Canada Member No.: 228,067  |
-------------------- Avira AntiVir Personal | COMODO Firewall | Malwarebytes' Anti-Malware | SpywareBlaster | WOT "There is a saying: yesterday is history, tomorrow is a mystery, but today is a gift. That is why it is called present." |
 |
 
|
| Jay-P VIP |
Feb 28 2009, 12:26 AM
Post
#47
|
|
Guests |
Please note friends, that this is the second time in the past year Adobe has had to fix its Acrobat applications. This is the same issue, appeared in a new format. One to get around the original patch for this type of threat.
From what I learned, friend, the attacker targets: util.printf() function The exploit is apparently known as "Milw0rm" As I investigated, this is a "stack-based buffer-overflow vulnerability" because the application fails to perform some adequate boundary checks on user-supplied data. This data is needed to hold the user's session in place. Every PDF Reader has three levels of user data: A. Cached temporary database files -- what runs the file in your browser, and holds your session in place. B. Uncached Database files -- Viewing a document outside of a browser in the PDF Reader Application C. Compliant Shared User Data -- Identifies shared data. With it not being non-compliant, it is prone to attacks more! Symptoms: -Adobe Reader plugin Crashes when the file of choice is opened in your browser. -Your security program gives you an alert of malicious activity with your browser if you try to print the choice document. The browser may crash before the security alert can pop up from your safe program. -Adobe Reader crashes its own application, or Adobe Acrobat Professional crashes on start up. It also crashes when the user tries to open a document and/or print a document. |
|
|
|
|
Feb 28 2009, 10:03 PM
Post
#48
|
|
|
New Member Group: Members Posts: 5 Joined: 28-February 09 From: Fountain Hills, Az. Member No.: 302,247 |
I just downloaded PDF-XChange, http://www.docu-track.com/home/prod_user/P...ols/pdfx_viewer and it is a NICE PDF viewer. I also downloaded Foxit 3.0 as well. They both work super fast. You don't have that painstaking wait for loading like in Adobe. PDF-XChange has a bunch of accessories you can use. Either one is a step above Adobe.
|
|
|
|
|
Mar 1 2009, 07:56 AM
Post
#49
|
|
|
New Member Group: Members Posts: 2 Joined: 7-April 07 Member No.: 122,846 |
Okay I removed adobe reader and adobe.com. How about the Flash player?? Is it okay to remove that as well??
This post has been edited by mamamia: Mar 1 2009, 07:57 AM |
|
|
|
| Jay-P VIP |
Mar 1 2009, 08:28 AM
Post
#50
|
|
Guests |
Keep Adobe Flash. As far as I have heard from developers, Adobe Flash's vulnerability isn't too severe, but executes itself when you use the Print function and also the Zoom function. Do not use both of those functions, and exploits should not happen. This is a User Data vulnerability, not a Data Source vulnerability.
|
|
|
|
 Mar 1 2009, 10:02 AM
Post
#51
|
|
 Who is running the store? Group: Members Posts: 2,429 Joined: 26-November 05 From: Tampa Bay Area, Florida, USA Member No.: 42,052 |
But, make sure you are using the most current, patched, version of Adobe Flash which can be downloaded h e r e.
Then, have something like Secunia Personal Software Inspector to keep you informed about when they update or patch Adobe Flash and other programs you may have installed on your PC. Keeping everything as current as possible is part of your first line of defense against the evil doers. --------------------  I know you think you understand what you thought I said, but I'm not sure you realize that what you heard is not what I meant! |
|
|
|
|
Mar 2 2009, 12:25 AM
Post
#52
|
|
|
Indecisive Lurker Group: Members Posts: 1,286 Joined: 14-February 08 From: A galaxy far, far away... Member No.: 190,231 |
Just got my parent's computers to switch to Foxit. I just switched as well....and boy do they open quickly now. Now I should probably get everyone to switch to either Xchange or Foxit, depending on which they'd prefer.
-------------------- Posting lurker of bleepingcomputer.com........Because I post more than I lurk
Ototo'i wa usagi o mita no...Kino wa shika...Kyo wa anata. (Roughly translated): The day before yesterday, I saw a rabbit...Then yesterday, a deer...And today, you. -Kotomi Ichinose (Clannad) |
|
|
|
|
Mar 4 2009, 05:38 PM
Post
#53
|
|
|
Distinguished Member Group: Members Posts: 851 Joined: 6-August 08 From: Canada Member No.: 228,067 |
Finally got rid of Adobe Reader and replaced it with Foxit in one of my computers, and it's working great!
 I'll now replace Adobe Reader on my other computer! -------------------- Avira AntiVir Personal | COMODO Firewall | Malwarebytes' Anti-Malware | SpywareBlaster | WOT "There is a saying: yesterday is history, tomorrow is a mystery, but today is a gift. That is why it is called present." |
|
|
|
|
Mar 4 2009, 08:11 PM
Post
#54
|
|
 Distinguished Member Group: Members Posts: 780 Joined: 24-February 09 From: Miami, Florida Member No.: 300,479 |
I personally find Adobe Reader to be a very bulky item. It's almost 100MB, and Foxit Reader does the same thing with 5MB.
-------------------- Who said I couldn't have everything?
|
|
|
|
| Jay-P VIP |
Mar 4 2009, 09:13 PM
Post
#55
|
|
Guests |
I find Adobe Reader to be bloatware. With all the installation, it also checks for updates every time you launch it. In the grand scheme of things, you can always disable these types of things, but who knows that? Millions of users have Adobe Reader installed, and much of those users are barely intermediate experts on using computers.
Foxit Reader has been the savior through all of this. With great software, comes great attention, so know that even though it loads better and is generally much better than Adobe Reader, it still is open to vulnerabilities! This sort of reminds me of having too many large updates, and why it is vulnerable. Unlike Java updates, which previous versions can be removed, Adobe doesn't let you remove previous updates. Keep in mind folks, removing previous updates of Java is important because previous versions are vulnerable. Adobe does not let you do this, thus presenting the problem of too much disk space, and too much vulnerability. I am going to TRY to email Adobe on this little issue of too much disk space, etc. |
|
|
|
|
Mar 4 2009, 10:45 PM
Post
#56
|
|
|
Distinguished Member Group: Members Posts: 780 Joined: 24-February 09 From: Miami, Florida Member No.: 300,479 |
Jay, that is a brilliant idea. Tell them about Foxit if you have to. It only takes up about 10MB of space, and does all of what Adobe can, and more.
Plus, talk about that vulnerability. Ought to tell them something. -------------------- Who said I couldn't have everything?
|
|
|
|
| Jay-P VIP |
Mar 5 2009, 12:40 AM
Post
#57
|
|
Guests |
You are right. They need to know whats really good in their market!
|
|
|
|
| Jay-P VIP |
Mar 5 2009, 01:15 AM
Post
#58
|
|
Guests |
QUOTE ******BUG******
Concise problem statement: Updates are installed, file size of Adobe Reader continues to increase. Older versions of Adobe Reader + updates are not removed, and this causes a vulnerability. Steps to reproduce bug: 1. Installed previous versions and updates 2. Installed new versions and updates 3. Removed all versions and updates Results: Old versions and updates are not removed, and cannot see them in Program list but can see them in registry. File size of 245 MB. Expected results: No leftover program versions or updates, and lower file size. File size should only be 20 MB or lower. |
|
|
|
|
Mar 6 2009, 06:18 AM
Post
#59
|
|
 Forum Regular Group: BC Advisor Posts: 285 Joined: 2-December 08 From: Ireland Member No.: 264,233 |
Zero-day Adobe PDF peril goes click free
QUOTE An unpatched flaw in Adobe Acrobat and Reader might be exploited without even needing to trick a surfer into opening a maliciously constructed file. http://www.theregister.co.uk/2009/03/05/cl...free_pdf_peril/ Not good news at all, though the official patch is supposedly only days away (11 March). -------------------- |
|
|
|
|
Mar 8 2009, 02:16 AM
Post
#60
|
|
|
Indecisive Lurker Group: Members Posts: 1,286 Joined: 14-February 08 From: A galaxy far, far away... Member No.: 190,231 |
 ....ouch.....
-------------------- Posting lurker of bleepingcomputer.com........Because I post more than I lurk
Ototo'i wa usagi o mita no...Kino wa shika...Kyo wa anata. (Roughly translated): The day before yesterday, I saw a rabbit...Then yesterday, a deer...And today, you. -Kotomi Ichinose (Clannad) |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 20th March 2010 - 03:30 AM |
© 2003-2010 All Rights Reserved Bleeping Computer LLC.