Play it safe with PDF reader applications
Are you using PDF reader?
A security researcher Didier Stevens says “Escape from PDF“.
Using the PDF specification’s “/Launch” function, anyone could exploit Adobe Reader to enable the launching scripts or executables files embedded in PDF files. The flaw could also be exploited to spread malware using PDF as a vehicle for propagation.
A workaround to safeguard against the harmful stuff in Adobe Reader:
Edit>Preferences>TrustManager> Uncheck the option as in the adjoining graphic.
Related articles:
- Malicious PDF file doesn’t need a software vulnerability (infoworld.com)
- Exploits of Adobe’s PDF explode, will continue to climb in 2010 (infoworld.com)
- Adobe considers changes to mitigate PDF attack (infoworld.com)
- Adobe Reader Vulnerability Exploited By Botnet (ghacks.net)
- Exploits unneeded to attack via PDF files (news.cnet.com)
About this entry
You’re currently reading “Play it safe with PDF reader applications,” an entry on A security enthusiast's Blog
- Published:
- May 9, 2010 / 7:30 am
- Category:
- Uncategorized
- Tags:
No comments yet
Jump to comment form | comment rss [?] | trackback uri [?]