Zero-day Adobe PDF peril goes click free
PrintThumbnail preview threat
Posted in Software & Security, 5th March 2009 18:42 GMT
Free whitepaper – Managing desktop software for fun and profit
An unpatched flaw in Adobe Acrobat and Reader might be exploited without even needing to trick a surfer into opening a maliciously constructed file.
Proof of concept demonstrations of this by security blogger Didier Stevens will increase pressure on Adobe to release a fix ahead of schedule.
The exploit techniques demoed by Stevens make use of the Windows Explorer Shell Extension installed with Adobe Reader. The feature creates a conduit between Adobe Reader and Windows Explorer and means that simply hovering the mouse cursor over a booby-trapped file, or selecting it, are enough to allow the bust out of potentially malicious code. Selecting a thumbnail view poses a similar risk.
In all three scenarios the problem exists because simply reading a maliciously constructed document is enough to trigger code execution.
Stevens explains these approaches to hacking in much greater depth in a blog posting, featuring a video demo, here.
Adobe admitted the security patch last week but said an official patch wouldn't be available until 11 March. The delay is all the more serious because hackers are actively attacking the flaw, thus far using approaches that mean maliciously constructed files need to be actually opened. ®
Free whitepaper – Managing desktop software for fun and profit
Managing desktop software for fun and profit
Analyst Keynote: The Register Agile Data Center Summit
Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Seven ways to lower storage costs
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs