Windows 7 Forums



Windows 7: PDF security hole opens can of worms.

06 Apr 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
PDF security hole opens can of worms.

Quote:
The security perils of PDF files have been further highlighted by new research illustrating how a manipulated file might be used to infect other PDF files on a system.

Jeremy Conway, an application security researcher at NitroSecurity, said the attack scenario he has discovered shows PDFs are "wormable". Computer viruses are capable, by definition, of overwriting other files to spread. Conway's research is chiefly notable for illustrating how a benign PDF file might become infected using features supported by PDF specification, not a software vulnerability as such, and without the use of external binaries or JavaScript.

The "wormable PDF" research comes days after another security researcher, Didier Stevens, showed how it was possible to both embed malicious executables in PDFs and manipulate pop-up dialog boxes to trick victims into running a malicious payload. Both Adobe and FoxIT are working on a fix against the security shortcomings in their respective PDF viewing packages illustrated by the research.
PDF security hole opens can of worms • The Register



07 Apr 2010   #2
Victek

Windows 7 x64
 
 

Note that at least one attack vector in Adobe Acrobat Reader can be closed by going to "Edit/Preferences/Trust Manager" and unchecking the box that says:

"Allow opening of non-PDF file attachments with external applications"

More information here:

Adobe Issues Advisory to Block Embedded Executes | News & Opinion | PCMag.com
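A triage check related to the setting above, as an added example that is not part of the thread or of any vendor's tooling: it counts the PDF name keys that let a document start an external program, carry an attachment or run script, so files can be flagged before they are opened. The key names come from the PDF specification, not from this thread; the watch list, function names and sample bytes are constructed for the example.

```python
import re
import sys

# Name keys from the PDF specification; this watch list is an assumption
# chosen for the example, not something stated in the thread.
WATCHED = ("/Launch", "/EmbeddedFile", "/OpenAction", "/AA", "/JavaScript", "/JS")

_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name is '/' followed by characters that are neither whitespace nor delimiters.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")

def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so '/L#61unch' is recognised as '/Launch'."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")

def scan_pdf(data: bytes) -> dict:
    """Count watched name keys in raw PDF bytes (compressed streams are not inflated)."""
    counts = {name: 0 for name in WATCHED}
    for match in _NAME.finditer(data):
        name = decode_name(match.group(0))
        if name in counts:  # whole-token match, so '/JSomething' is not '/JS'
            counts[name] += 1
    return counts

def verdict(counts: dict) -> str:
    """Rough triage label for a help-desk or mail-gateway queue."""
    if counts["/Launch"]:
        return "review: can start an external program"
    if counts["/EmbeddedFile"]:
        return "review: carries an attachment"
    if counts["/JavaScript"] or counts["/JS"]:
        return "review: contains script"
    return "no watched keys"

# Constructed samples (not real documents): just enough syntax to exercise the scanner.
BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
FLAGGED = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
           b"3 0 obj\n<< /S /L#61unch >>\nendobj\n")

if __name__ == "__main__":
    # With no arguments, scan the constructed samples; otherwise scan the given files.
    if len(sys.argv) == 1:
        samples = [("BENIGN", BENIGN), ("FLAGGED", FLAGGED)]
    else:
        samples = [(path, open(path, "rb").read()) for path in sys.argv[1:]]
    for label, data in samples:
        print(label, verdict(scan_pdf(data)))
```

A clean result only means none of the watched keys appear in the uncompressed part of the file; keys inside compressed object streams are not seen by this check.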
07 Apr 2010   #3
CarlTR6

Windows 7 Ultimate 32 bit
 
 

Quote: Originally Posted by JMH
Quote:
The security perils of PDF files have been further highlighted by new research illustrating how a manipulated file might be used to infect other PDF files on a system.

Jeremy Conway, an application security researcher at NitroSecurity, said the attack scenario he has discovered shows PDFs are "wormable". Computer viruses are capable, by definition, of overwriting other files to spread. Conway's research is chiefly notable for illustrating how a benign PDF file might become infected using features supported by PDF specification, not a software vulnerability as such, and without the use of external binaries or JavaScript.

The "wormable PDF" research comes days after another security researcher, Didier Stevens, showed how it was possible to both embed malicious executables in PDFs and manipulate pop-up dialog boxes to trick victims into running a malicious payload. Both Adobe and FoxIT are working on a fix against the security shortcomings in their respective PDF viewing packages illustrated by the research.
PDF security hole opens can of worms • The Register
Good information; thanks for the alert. I will be watching for a Foxit update.


07 Apr 2010   #4
Corrine

Windows 7 & Windows Vista Ultimate
 
 

CarlTR6, did you get the update for Foxit 3.2.1.0401, released April 2, 2010?
Bugfix: Foxit Software - Bug Fix List for Foxit Reader

Personally, I use an alternate PDF reader, Sumatra PDF, since Foxit includes the Ask Toolbar and eBay desktop shortcut. There are a number of open source readers available from PDFreaders.org - Get a Free Software PDF reader!
07 Apr 2010   #5
CarlTR6

Windows 7 Ultimate 32 bit
 
 

Thank you, Corrine; yes, I got it. I did not install the Ask toolbar or the eBay shortcut. But I will certainly investigate Sumatra and other open source readers. Thanks for the link.
07 Apr 2010   #6
Corrine

Windows 7 & Windows Vista Ultimate
 
 

You're welcome.