PDFs Vulnerable, Say Security Researchers
Latest Industry News: - Partner Watch, Oct. 31
- C-Labs Digital Library Now Supports High Definition
- Letters@Redmondmag.com
- Talisker Beta 2 Brings a Few Enterprise Enhancements
- Profile: Above All Software's New Way to SOA
- Cisco, Microsoft To Collaborate on Communication Tools
- Microsoft's Business Intelligence Challenge
- Santa Clara U Debuts Future Library in Second Life
- Gates Shows Vista Off to the Masses at CES Las Vegas
- Microsoft and Partners Unwrap Axapta Solutions
- Reaching Password Nirvana
- Academic Computing: The 'Object' of Content Management
- A Tasty Recipe for Lead Generation
- Bluetooth Going Ultra-Wideband
- Cisco Freshens Up Its 7200 Series Bona Fides
- Windows Server 2003 SP1 Has Goodies for Terminal Server
- Microsoft Gets a New Man at the Middle
- Automating the Desktop
- ASP.NET Futures Release Showcases New Controls, Capabilities
- Windows CE .NET 4.1 Available
(San Francisco) Computer security researchers said Wednesday they have discovered a vulnerability in Adobe Systems Inc. How ubiquitous Acrobat Reader software, network intruders to the PC through a trusted site links. Almost any Web site sponsored by the Portable Document Format, or PDF files are vulnerable to attack, according to researchers from Symantec and VeriSign to Help iDefense intelligence.
Attacks can range from theft of the cookies to track the users Web browser history, in order to create harmful worm, researchers said.
The flaw, disclosed for the first General Assembly hackers in Germany over holidays, there was a plug-in to enable users to browse PDF files acrobat Web browsers.
Link to the network through the manipulation of these documents, hackers and online thieves can use Acrobat software, and run malicious code, when a user tries to open a file, According to Ken dunham director of the rapid response team VeriSign iDefense intelligence.
Dunham this hypothetical situation: an attacker to find a PDF file on the banks website. An attacker to create a hostile Web site links to the bank PDF files. Including malicious JavaScript code will be run on a users computer knowledge once click on the link.
"PDF is a trustworthy and true and trying to - everyone is using it," d unham said. ", But it is not just viewing files, you should take the initiative scripts, should not be put to death, all you need to do is click on the PDF and the ball started rolling." Representatives from Adobe did not return a telephone contact last Wednesday night.
Against the flaw in Microsofts Internet Explorer 6.0 browser, as well as earlier versions, as well as Mozillas Firefox browser. , the researchers said.
They recommended that users protect themselves, upgrading Internet Explorer or Firefox user change options, the browser does not allow the use of Acrobat intercalation pieces.
Researchers said, it is unclear how the all-pervasive or harmful to the possibility of any future attacks.
"As this is very easy to exploit, I expect that we will see this as a method, in the next few days and weeks, until the issue is resolved," Symantec Posts researcher said: a companys Web log.
Attacks can range from theft of the cookies to track the users Web browser history, in order to create harmful worm, researchers said.
The flaw, disclosed for the first General Assembly hackers in Germany over holidays, there was a plug-in to enable users to browse PDF files acrobat Web browsers.
Link to the network through the manipulation of these documents, hackers and online thieves can use Acrobat software, and run malicious code, when a user tries to open a file, According to Ken dunham director of the rapid response team VeriSign iDefense intelligence.
Dunham this hypothetical situation: an attacker to find a PDF file on the banks website. An attacker to create a hostile Web site links to the bank PDF files. Including malicious JavaScript code will be run on a users computer knowledge once click on the link.
"PDF is a trustworthy and true and trying to - everyone is using it," d unham said. ", But it is not just viewing files, you should take the initiative scripts, should not be put to death, all you need to do is click on the PDF and the ball started rolling." Representatives from Adobe did not return a telephone contact last Wednesday night.
Against the flaw in Microsofts Internet Explorer 6.0 browser, as well as earlier versions, as well as Mozillas Firefox browser. , the researchers said.
They recommended that users protect themselves, upgrading Internet Explorer or Firefox user change options, the browser does not allow the use of Acrobat intercalation pieces.
Researchers said, it is unclear how the all-pervasive or harmful to the possibility of any future attacks.
"As this is very easy to exploit, I expect that we will see this as a method, in the next few days and weeks, until the issue is resolved," Symantec Posts researcher said: a companys Web log.
Latest Industry News: - Partner Watch, Oct. 31
- C-Labs Digital Library Now Supports High Definition
- Letters@Redmondmag.com
- Talisker Beta 2 Brings a Few Enterprise Enhancements
- Profile: Above All Software's New Way to SOA
- Cisco, Microsoft To Collaborate on Communication Tools
- Microsoft's Business Intelligence Challenge
- Santa Clara U Debuts Future Library in Second Life
- Gates Shows Vista Off to the Masses at CES Las Vegas
- Microsoft and Partners Unwrap Axapta Solutions
- Reaching Password Nirvana
- Academic Computing: The 'Object' of Content Management
- A Tasty Recipe for Lead Generation
- Bluetooth Going Ultra-Wideband
- Cisco Freshens Up Its 7200 Series Bona Fides
- Windows Server 2003 SP1 Has Goodies for Terminal Server
- Microsoft Gets a New Man at the Middle
- Automating the Desktop
- ASP.NET Futures Release Showcases New Controls, Capabilities
- Windows CE .NET 4.1 Available
3Com AccessData Acme Packet Adobe Alcatel Lucent American College APC Apple Avaya BEA BICSI BlackBerry Business Objects CheckPoint Cisco Citrix CIW CompTIA Computer Associates CWNP Dell ECcouncil EMC Enterasys Ericsson Exam Express EXIN Extreme Networks File Maker Fortinet Foundry Fujitsu Guidance Software HDI HITACHI Hewlett Packard Huawei Hyperion IBM ICDL IISFA Intel ISACA ISC ISEB Isilon ISM Juniper Legato Lotus LPI McAfee McDATA Microsoft Mile2 Network Appliance Network General Nokia Nortel Novell OMG Oracle PMI Polycom PostgreSQL CE Red Hat RES Software SAIR SAP SAS Institute SCP SeeBeyond SNIA Sniffer Sun Sybase Symantec Teradata The Open Group TIA TIBCO Trusecure Veritas VMware
 MCITP EA70-620 70-624 70-640 70-642 70-643 70-647 $409 Details |
| SAIR Level 2 3X0-201 3X0-202 3X0-203 3X0-204 $279 Details |
| CSND MD0-205 MD0-235 MD0-251 $209 Details |
| LPI 1 117-101 117-102 $139 Details |
| CED 000-287 $89 Details |
| MCDST 70-271 70-272 $139 Details |
| IBM SA 000-695 000-755 000-775 $209 Details |
| CIPTS 3M0-211 3M0-212 3M0-250 3M0-300 3M0-600 3M0-700 3M0-701 $479 Details |
6 CNE CIFI CCNP MCSE CCIE Service Provider SCJP MCITP EPM CAD 11i CCDE CSD SCSSSE Windows Vista Configuration MCSE 2003 Messaging Solaris 9 SCSA CDIA+ IBM CS 8.1 Certified Architect MCA CCSA MCAD .NET CCIE Wireless ISC CISSP 5 CNE F7CD AIS Wireless LAN CCNA SCSI CTP Solaris 10 SCSA NCA Windows Server 2008 Network Infrastructure Configuration System Administator CCA 3.0 MCTS BizTalk Server 2006 MCITP EST CSA IBM DP CRMAM NACA RFID+ CRM MPC SCTS MCD VCP OCUP MCSD .NET NCSS
HS330 1Y0-911 000-864 490-032 000-806 HP0-766 250-365 000-293 S10-300 000-876 000-447 250-265 9A0-061 642-577 HP0-553 646-202 2B0-011 646-411 920-255 250-924 920-132 70-631 920-170 642-567 646-223 E20-080 NS0-163 2B0-100 510-306 3X0-202 50-658 156-210 4H0-435 RDCR08301 1Y0-610 50-892 MB4-211 000-973 642-746 E20-590 LOT-955 000-869 000-079 920-121 HP0-D01 920-172 MB7-221 920-321 E20-095 70-630 1D0-437 9A0-031 190-623 000-190 000-M30 000-789 2B0-102 CT0-101 MOS-A2K HP0-775
