« Obstructing Justice | Main | More hackers please!!!! »

Hackers using Adobe

I recently came across this article and though it was fitting for this weeks topic. Be careful what you download!

Acrobat issues security warning
Computer Weekly; 1/16/2007, p24-24, 1/4p
By Cliff Saran

Adobe Acrobat and Adobe Reader have been affected by a major security issue, which can result in hackers gaining control of a user's PC or stealing confidential information.

Acrobat pdf files, which are widely available across the internet, have become the easiest way for companies to distribute electronic versions of their printed catalogues, technical documentation and company reports.

Acrobat is often installed when new PCs are first configured, and sites which use Acrobat files usually give users the opportunity to download the Reader software.

Users have been warned that a cross site scripting (XSS) vulnerability affecting multiple versions of Adobe Acrobat could enable an attacker to execute Javascript when a PDF document is opened.

The attack simply involves appending the URL for the PDF document with malicious Javascript code.

According to Websense Security Labs, an attacker could utilise this vulnerability for a wide variety of malicious actions, such as creating deceptive phishing attacks or propagating across social networking sites. An attacker could also attempt to access the local file system on the PC of an end-user who inadverantly clicks on the URL.

Users running Internet Explorer on Windows XP SP2 are unaffected. But Websense warned that Firefox users would need to upgrade to Acrobat 8.0 or higher.

Read Adobe's security bulletin


Thanks for posting this article. I just started using Firefox instead of Safari. I will keep this in mind.