OT: Acrobat security hole

Submitted: Saturday, Jan 06, 2007 at 11:04
ThreadID: 40922 Views:2222 Replies:6 FollowUps:11
This Thread has been Archived
I wouldn't normally post computer security/virus info to this site but I think this one is, potentially, very serious for all web users - be very cautious (I suggest you don't do it) about opening PDF documents within a web browser.

Site Link

Mike Harding

Reply By: Mike Harding - Saturday, Jan 06, 2007 at 11:37

For Firefox; to stop it automatically opening PDF documents in a browser window do a search for the file "nppdf32.dll" and either delete all instances of the file or, probably better, create a temporary directory somewhere and move them there.
AnswerID: 213605
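
The "move them to a temporary directory" option from the reply above, as an added PowerShell example that is not part of the original post. The search roots, the quarantine folder and the manifest file are assumptions chosen for illustration; run it from an elevated prompt, with `-WhatIf` first to preview what would be moved.

```powershell
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Assumption: illustrative search roots; the post says only to search for the file
    [string[]]$SearchRoot = @($env:ProgramFiles, ${env:ProgramFiles(x86)}),
    # Assumption: hypothetical holding folder standing in for the post's "temporary directory"
    [string]$Quarantine = (Join-Path $env:TEMP 'nppdf32-quarantine')
)

# Keep only roots that exist (the x86 variable is empty on 32-bit Windows)
$roots = @($SearchRoot | Where-Object { $_ -and (Test-Path -LiteralPath $_) } | Select-Object -Unique)
if ($roots.Count -eq 0) { Write-Warning 'No search root exists.'; return }

# Find every copy of the Acrobat browser plug-in DLL named in the post
$found = @(Get-ChildItem -Path $roots -Filter 'nppdf32.dll' -Recurse -File -ErrorAction SilentlyContinue)
if ($found.Count -eq 0) { Write-Output 'No copies of nppdf32.dll found.'; return }

New-Item -ItemType Directory -Path $Quarantine -Force | Out-Null
$manifest = Join-Path $Quarantine 'manifest.csv'

$i = 0
foreach ($file in $found) {
    $i++
    # All copies share one file name, so number them to avoid overwriting each other
    $dest = Join-Path $Quarantine ('{0:D2}-{1}' -f $i, $file.Name)
    if ($PSCmdlet.ShouldProcess($file.FullName, "Move to $dest")) {
        Move-Item -LiteralPath $file.FullName -Destination $dest
        # Record the original location so the move can be undone later
        [pscustomobject]@{ Original = $file.FullName; Quarantined = $dest } |
            Export-Csv -Path $manifest -Append -NoTypeInformation
    }
}
```

Moving rather than deleting keeps the change reversible: the manifest lists where each copy came from, so the files can be put back once Reader has been upgraded.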

Follow Up By: Bonz (Vic) - Saturday, Jan 06, 2007 at 14:22

Or you can just change how it handles documents inside FF
Time is an illusion produced by the passage of history
FollowupID: 473964

Reply By: The Explorer - Saturday, Jan 06, 2007 at 11:48

"The flaw appears to target Microsoft's Internet Explorer 6.0 web browser and earlier versions, and Mozilla's Firefox browser, the researchers said"

IE7 OK by sounds of it. Suits me
Cheers
Greg
I sent one final shout after him to stick to the track, to which he replied “All right,” That was the last ever seen of Gibson - E Giles 23 April 1874

AnswerID: 213609

Follow Up By: disco1942 - Saturday, Jan 06, 2007 at 11:53

Does not IE7 & IE6 both use the same code that has been around since IE4? If so IE7 is no better than IE5.

PeterD
Retired radio and electronics technician

FollowupID: 473932

Follow Up By: The Explorer - Saturday, Jan 06, 2007 at 12:06

Wouldn't have a clue...but the "experts" quoted in report said "Internet Explorer 6.0 web browser and earlier versions" so based on that IE7 is different. If IE7 was vulnerable wouldn't they have said so?
Cheers
Greg
FollowupID: 473936

Follow Up By: disco1942 - Saturday, Jan 06, 2007 at 12:48

Greg

On the other hand the article does not say IE7 is immune from those problems.

PeterD
FollowupID: 473943

Follow Up By: Chris & Debbie - Saturday, Jan 06, 2007 at 12:59

The way I understand it, IE7 is immune. Copy and paste from article.

"They recommended that users protect themselves by upgrading Internet Explorer or changing Firefox's user options so the browser does not use the Acrobat plug-in."

Chris
FollowupID: 473945

Reply By: disco1942 - Saturday, Jan 06, 2007 at 12:54

Mike

There is an add-on to Firefox called "PDF Download" (www.pdfdownload.org/). This can be set in a few ways but basically when you click on a link that links to a PDF file the file is loaded into an external Acrobat Reader window.

Does this overcome the problem you are reporting?

PeterD

AnswerID: 213621

Reply By: Mike Harding - Saturday, Jan 06, 2007 at 13:03

Digging a little deeper suggests this problem affects all versions of IE prior to IE7, all versions of Acrobat Reader up to, and including, 7.0.8 and all versions of Firefox.

Site Link

Upgrading to Acrobat Reader 8 and IE 7 should ensure you are OK. For Firefox I strongly suggest people disable browser opening of PDFs as I described above although upgrading to Acrobat 8 may also solve the Firefox issue - not sure?

PeterD: I suspect the answer to your question is yes it will prevent it but I'm only guessing.

Mike Harding
AnswerID: 213624

Follow Up By: disco1942 - Saturday, Jan 06, 2007 at 13:21

Mike

Reading the page you linked us to - it appears that the problem is with Acrobat Readers prior to V8 rather than the browser you are using. In that case I do not think PDF Download will help without installing Reader V8.

PeterD
FollowupID: 473953

Follow Up By: The Explorer - Saturday, Jan 06, 2007 at 13:25

According to one report...

"Forrester researcher and security expert Natalie Lambert noted that users seeking to protect themselves can simply stop using Adobe's Reader -- although it's not likely they'll do so, she added. Acrobat has become not merely a convenience but a much-needed tool in many office settings.

Instead, defense-minded users can upgrade to Version 8, which Adobe released in early September.

"This is the ideal solution," she said, "but getting consumers and businesses to universally push these upgrades will take time."

This supports your comment Mike that upgrading to Acrobat Reader 8 is the thing to do...though I suppose we should get PeterD's opinion as his English comprehension is better than mine:)

Cheers
Greg

FollowupID: 473955

Follow Up By: disco1942 - Saturday, Jan 06, 2007 at 14:05

Greg - the Age article just said "by upgrading Internet Explorer" - they did not say whether by installing IE7 or by installing M$ updates. As I have seen articles that say that IE7 still uses the basic code of IE4 I doubt that IE7 will fix the problem.

Further to that, look at www.adobe.com/support/security/ - You will note that Adobe have given the same warning to Apple and Linux users. To me that confirms IE7 to be no better than the rest.
PeterD
FollowupID: 473961

Follow Up By: Member - Andrew (QLD) - Saturday, Jan 06, 2007 at 14:30

However the report also mentions "Exploitability depends on the browser and browser version being used." therefore there seem to be browsers that are not vulnerable, with IE7 sounding like a contender :-)

Andrew
FollowupID: 473968

Follow Up By: disco1942 - Sunday, Jan 07, 2007 at 21:27

Have been reading Site Link on Yahoo News.

Here is a quote from near the bottom:

"After an initial analysis, Symantec said that the Adobe Reader XSS flaw works when Mozilla's Firefox 1.5 and Opera 9.10 browsers are used to view a malicious link, but that Microsoft's Internet Explorer 6 and IE 7 will both generate a JavaScript error when trying to open a PDF. Firefox 2.0, the most current version of the Mozilla open-source browser, also returns an error dialog, which reads "This operation is not allowed." "

PeterD
FollowupID: 474198

Follow Up By: The Explorer - Sunday, Jan 07, 2007 at 21:44

Phew..downloaded about 20 PDFs today (not sure if it was via IE7 or MoziV2) - good to see both would have notified of a problem. Doesn't sound good for Mozilla Firefox 1.5 and Opera 9.10 users though.

Cheers
Greg
FollowupID: 474203

Reply By: Mr Fawlty - Saturday, Jan 06, 2007 at 17:38

I'm glad you did bring this to our attention Mike, if we all lost our computers because of this problem then the site would suffer. In a roundabout way it's the culminating pleasure you can treasure without measure as the gratifying feeling that your duty has been done....
AnswerID: 213667

Reply By: disco1942 - Monday, Jan 08, 2007 at 14:57

For Opera users - there is a fix for this - go to:

Site Link

PeterD
AnswerID: 214017
