Sinister Adobe Acrobat, Reader malware threatens Web browsers - Technology on NBCNews.com

"The exploit is noteworthy for its ability to circumvent security features that Adobe rolled out with Acrobat and Reader X, or 10, in November 2010, especially the "sandbox" meant to prevent exploits from affecting other processes.

It also bypasses newer security features, such as the address space layout randomization (ASLR) that Adobe introduced only this past October, and seems to tailor its attack depending on which version of Acrobat or Reader it encounters.

Acrobat and Reader are used to create and read portable document format (PDF) files. Adobe creates plug-ins that let Web browsers read PDFs, and those plug-ins are presumably also affected by this new exploit.

Browsers containing Adobe plug-ins could be vulnerable to drive-by downloads using this exploit. Infections could happen just by visiting a website rigged with malware.

Adobe is working on a patch, but in the meantime the company advises Windows users to upgrade to Adobe Acrobat/Reader 11 and turn on a feature called "Protected View."

"To enable this setting, choose the 'Files from potentially unsafe locations' option under the Edit > Preferences > Security (Enhanced) menu," said an Adobe security advisory updated Wednesday night.


Mac users can open PDFs using Preview instead; Linux users can use Google's Chrome browser, which has its own PDF reader.

Once on board, the exploit places two Windows dynamic-link-library (DLL) files onto the machine.

"The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks," FireEye explained on its blog Tuesday. "The second DLL in turn drops the callback component, which talks to a remote domain."

Russian security firm Kaspersky Lab said this attack was the first successful sandbox workaround for Reader X and subsequent versions.

"We can confirm the existence of a malicious PDF in the wild that's successfully able to break out of Adobe Reader's sandbox," Roel Schouwenberg, senior security researcher at Kaspersky Lab, told Threatpost. "We've seen successful exploitation on a machine running Windows 7 x64 and Adobe Reader 11.0.1."

Interestingly, FireEye said in a follow-up blog posting yesterday that much of the JavaScript used by the exploit to attack Acrobat and Reader was in Italian.

Kaspersky's SecureList blog on Tuesday posted a report detailing how an exploit targeting a different Adobe product, Flash Player, and discovered and patched just last week, was used in police spyware created and marketed by an Italian firm called HackingTeam.

FireEye is warning users of Acrobat, Reader and Adobe browser plug-ins not to open PDFs until the problem is fixed."

More from: computerworld and pcworld

(2) thoughts from other users ...

xptrish
Thank you, checking for the block suggested, if I can't find it I'm uninstalling, it's getting crazy lately! Thank you again!
xptrish posted Feb 14, 2013
glwrks replied:
You're welcome... I'm checking my system now. In the meantime, no PDFs.
Posted Feb 14, 2013