

When PDFs Attack!



#1 Nvyseal


Posted 04 January 2007 - 06:06 PM

Adobe has become the latest software giant to see its applications exposed to hack attacks, but experts suggest the problem might not be grave, even though its potential reach is vast.

Researchers Stefano di Paola and Giorgio Fedon have discovered a flaw in Adobe's Acrobat system that would let any Web site hosting a Portable Document Format (PDF) file unwittingly aid hackers in assaulting end users' computers.

The flaw does not occur in Acrobat or the Acrobat reader directly, but in the Web browser plug-in that lets PDF documents be read directly over the Internet in programs such as Microsoft's Internet Explorer or Mozilla's Firefox.

"A weakness was discovered in the way that the Adobe Reader browser plug-in can be made to execute JavaScript code on the client side," wrote Symantec researcher Hon Lau on his company's Web log. "This stems from the 'Open Parameters' feature in Adobe Reader, which allows for parameters to be sent to the program when opening a PDF file. Like most things in life, this was a feature designed for benign usage, but unfortunately somebody has discovered that it can also be used for malicious purposes."

Suspicious Links

The flaw exploits a technique called "universal cross-site scripting." In Adobe's case, a hacker could send a victim a link to a PDF document, even one located on a trusted or well-known Web site, and embed extra commands in the link's syntax. The Acrobat plug-in would then execute those commands, giving the hacker access to the user's computer.

Because Acrobat is a nearly universal application in both corporate and consumer worlds, Lau called the hack "breathtaking," but offered a quick fix for Firefox users on his Symantec blog. Reports conflict as to whether the flaw affects Microsoft's Internet Explorer and other Web browsers as well.

Lau also counseled readers to avoid e-mails or links on specious Web sites that send users directly to a PDF document and appear to embed odd or complex command strings in the link itself.

Not to Worry

While the hack's potential reach is enormous, users with updated antivirus protection have little to fear, according to Forrester researcher and security expert Natalie Lambert. "Simply by having antivirus and making sure it's updated, you're protected," she said.

But the key word, she added, is "updated." Companies with a central point of control for their antivirus, antispyware, and other security measures are unlikely to be affected by the Acrobat flaw because I.T. departments tend to update their software regularly.

But consumers who ignore the update procedures called for by their software put themselves at needless risk. "That gets a little tricky," said Lambert. "You're only as safe as your last update."


You can mitigate this problem by upgrading to Adobe Reader 8.

Alternatively, you can implement a workaround in your browser so that it does not use the Acrobat Reader plugin.

The following instructions apply to the Firefox browser:

• In the Tools menu, select Options.
• Select Downloads in the Options dialog.
• Click on the View & Edit Actions button.
• In the Download Actions dialog, choose the action for the PDF extension or the Adobe Acrobat Document file type and then click on Change Action.
• In the Change Action dialog, choose the Open them with the default application option.
• Click on OK, Close and OK to close out of the Options dialog.
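
The advice above to be wary of links that go straight to a PDF and carry odd command strings can be turned into an automated check. The following is an added example, not part of the original post or of any Adobe or Symantec tooling: a link-triage function for a mail gateway or link scanner. The allow-list of Open Parameter names, the 128-character threshold and the sample links are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Open Parameter names accepted as legitimate (assumed allow-list; verify
# against the Adobe "PDF Open Parameters" document for your Reader version).
KNOWN_OPEN_PARAMS = {
    "nameddest", "page", "comment", "collab", "zoom", "view", "viewrect",
    "pagemode", "scrollbar", "search", "toolbar", "statusbar", "messages",
    "navpanes", "highlight", "fdf",
}
# A script URI scheme or markup is never needed just to open a PDF.
SCRIPT_LIKE = re.compile(r"(?i)\b(?:javascript|vbscript|data)\s*:|<\s*script")
MAX_PARAM_LEN = 128  # assumed cut-off for an "odd or complex" string


def triage_pdf_link(url):
    """Return the reasons a direct PDF link looks suspicious (empty list = none)."""
    parts = urlsplit(url)
    if not unquote(parts.path).lower().endswith(".pdf"):
        return []  # not a direct link to a PDF document
    reasons = []
    for where, raw in (("query", parts.query), ("fragment", parts.fragment)):
        if not raw:
            continue
        decoded = unquote(raw)  # undo %-encoding so obfuscated text is inspected
        if SCRIPT_LIKE.search(decoded):
            reasons.append(f"{where}: script-like content")
        if where == "fragment":
            for pair in decoded.split("&"):
                name = pair.split("=", 1)[0].strip().lower()
                if "=" in pair and name not in KNOWN_OPEN_PARAMS:
                    reasons.append(f"fragment: unknown open parameter {name!r}")
        if len(decoded) > MAX_PARAM_LEN:
            reasons.append(f"{where}: unusually long ({len(decoded)} chars)")
    return reasons


# Constructed sample links (hypothetical host, harmless values).
SAMPLES = [
    "http://intranet.example/docs/report.pdf#page=3&zoom=150",
    "http://intranet.example/docs/report.pdf#foo=javascript:void(0)",
    "http://intranet.example/index.html#foo=javascript:void(0)",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", triage_pdf_link(link) or "no findings")
```

Browsers do not send the part of a URL after `#` to the web server, so a check like this has to run where the full link is visible, such as on e-mail bodies or in a link scanner, rather than on web server logs.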



