These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
 

Real Life: Adobe reports major threat
Author
Previous Topic Next Topic
Vendorella
Montreal Irishmen
#1 - 2011-12-10 22:47:20 UTC
TD;DR - Be very careful opening PDF documents until Adobe releases a patch later this coming week.



Attackers Leverage Zero Day Reader Flaw in the Wild; Patch Coming

Quote:
According to ComputerWorld and Symantec, Attackers are currently leveraging a zero day vulnerability in Adobe Reader in targeted attacks against telecommunications, manufacturing, computer hardware, and chemical companies, as well as defence sector organisations like Lockheed Martin.

The attacks may have started as early as the beginning of November, and arrive as a targeted phishing email with a malicious PDF attachment. If you open said attachment, your computer gets infected with information stealing malware.

Earlier this weak, Adobe confirmed this zero day flaw in a Security Advisory. The vulnerability affects all current versions of Reader and Acrobat running on any platform. Though they have not released a fix for the flaw yet, they plan to sometime next week


Article link here: http://watchguardsecuritycenter.com/2011/12/09/attackers-leverage-zero-day-reader-flaw-in-the-wild-patch-coming/
Corina Jarr
en Welle Shipping Inc.
#2 - 2011-12-10 22:50:14 UTC
Vendorella wrote:
TD;DR - Be very careful opening PDF documents until Adobe releases a patch later this coming week.



Attackers Leverage Zero Day Reader Flaw in the Wild; Patch Coming

Quote:
According to ComputerWorld and Symantec, Attackers are currently leveraging a zero day vulnerability in Adobe Reader in targeted attacks against telecommunications, manufacturing, computer hardware, and chemical companies, as well as defence sector organisations like Lockheed Martin.

The attacks may have started as early as the beginning of November, and arrive as a targeted phishing email with a malicious PDF attachment. If you open said attachment, your computer gets infected with information stealing malware.

Earlier this weak, Adobe confirmed this zero day flaw in a Security Advisory. The vulnerability affects all current versions of Reader and Acrobat running on any platform. Though they have not released a fix for the flaw yet, they plan to sometime next week


Article link here: http://watchguardsecuritycenter.com/2011/12/09/attackers-leverage-zero-day-reader-flaw-in-the-wild-patch-coming/

And this shouldn't be a problem if you don't open emails from unknown/unconfirmed sources.

Thanks for the message anyway.


Of and should be in OOPE, as this is for EVE talk.
Vyl Vit
#3 - 2011-12-10 23:03:34 UTC
http://www.adobe.com/support/security/advisories/apsa11-04.html

From the horse's mouth.

Paradise is like where you are right now, only much, much better.
KaarBaak
Squirrel Team
#4 - 2011-12-10 23:06:30 UTC

Running the current version of Reader in 'protected mode' (which is enabled by default) and you're immune to this.

Basic end-user computing 101

Dum Spiro Spero
Abdiel Kavash
Deep Core Mining Inc.
Caldari State
#5 - 2011-12-10 23:30:40 UTC
tl;dr: that's what you get when your document format allows running executable files.
Little Delicious
Deep Core Mining Inc.
Caldari State
#6 - 2011-12-10 23:38:11 UTC
So you mean there's going to be an update for acrobat reader? Haven't gotten one in a few hours, was wondering why the next one was so late.
Anya Ohaya
School of Applied Knowledge
Caldari State
#7 - 2011-12-11 03:11:30 UTC
Just use a non-adobe PDF reader. They don't support all the "features" that allow these attacks in the first place.
Hark Hanam
Sebiestor Tribe
Minmatar Republic
#8 - 2011-12-11 03:14:08 UTC
here's a PDF that explain everything in detail :

...


Sorry.
Morganta
The Greater Goon
#9 - 2011-12-11 03:15:07 UTC
Hark Hanam wrote:
here's a PDF that explain everything in detail :

...


Sorry.


idea stealer