Server Virtualization Business Intelligence CRM Solutions Data Warehousing Database Administration Middleware Oracle Database SAN SOA Tape Drives
                       

Related Content

Topic :  Security Breaches  A breach of security occurs when a stated organizational policy or legal requirement regarding information security has been violated

Blog :  Are We Secure Enough for Mandatory BYOD?

Article :  HITECH Act Ramps up HIPAA Compliance Requirements

Adobe, Foxit Probe New No-Bug-Needed PDF Attack

Kara Reeder
Kara Reeder |   News   |  02 Apr, 2010

Computerworld reports that Adobe and Foxit Software are looking into attacks that use a new tactic that embeds attack code in modified PDF documents.

 

Attacks on PDF readers are nothing new. However, Belgium security researcher Didier Stevens has demonstrated an attack that does not require an underlying vulnerability in either program to hijack a machine; attackers need only to trick users into opening the PDF document.

 

Stevens says Abobe can't patch this:

Patching Adobe Reader isn't possible ... [as] I'm not exploiting a vulnerability, just being creative with the PDF language specs.

Adobe has not committed to making a change in its Reader, but Foxit says it will issue an updated Reader tomorrow, although it has not offered specifics about what it would do.

More from Our Network

Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data