New Adobe Reader Exploit Reminds us why we Love Foxit
Posted 02/22/09 at 06:41:26 PM by Justin Kerr
Comments
Print
Email
Adobe’s PDF reader and creator software continues to be under a seemingly endless attack, and a new vulnerability has the security community very worried. A critical flaw in all editions of its PDF reader and creator software will allow attackers to crash the application and gain control of a person’s computer. This vulnerability has been acknowledged by Adobe, but a fix is still rumored to be 2-3 week away. Initially the company will be working to patch version 9, but will eventually include fixes for version’s 7 & 8 as well.
According to the McAfee security blog, malicious PDF documents are already in the wild, and have been appearing across the web since early January. PDF exploits are of significant concern to the security community since the reader software interfaces very closely with web browsers. In many cases PDF documents are opened within a new browser tab, and displayed even with a user’s consent. According to Symantec this attack has primarily been directed towards government agencies and large corporations, it is not widespread as of yet.
Symantec also offers some tips on how to combat the problem by disabling JavaScript, but here at Maximum PC we much prefer just using Foxit Reader as an alternative. This lightweight solution weighs in at only 3 MB and (to the best of our knowledge) is unaffected by the exploit. It’s so good in fact, it made our list of 32 Totally Essential (and free) Apps for Every New PC.
Hey I just got a notice from
Submitted by Keith E. Whisman on Thu, 02/26/2009 - 4:55am
Hey I just got a notice from Norton Internet Security 2009 firewall letting me know that an intrusion was just attempted from www.cephilla.com
In the Details it says Risk Name and it says
HTTP Acrobat PDF Suspicious File Download
Risk Level High
Attacking Computer cephilla.com (85.17.169.57,80)
Attacker URL 85.17.169.57/css/pdf.php?new=1&sid=ecdfefdde8deebd8eadbe6b5e0dde9dbebdbebdbe6d0e9d0e2d4e5dc&u=c_1_0
Then it says Source Address cephilla.com (85.17.169.57)
Traffic Description TCP,www-http
I can only say thank god I have a good firewall. Just think what may have happened if I didn't have this security. I wasn't even engaged in any risky behavior. Just having my computer online was all it took. So this goes to show you that you should not go online naked. Your computer needs security software.
toolbar with foxit?
Submitted by Queenof1 on Mon, 02/23/2009 - 11:56am
anyway to not download the toolbar?
Submitted by Keith E. Whisman on Mon, 02/23/2009 - 3:02pm
There is an option during installation like with most toolbars you can choose to install the software without installing the toolbar(s).
Sumatra
Submitted by chance on Mon, 02/23/2009 - 7:29am
I second the sumatra recommendation. If you want a small footprint and an ultra portable app, Sumatra is the way to go. You can grab the portable version over at portableapps.com; great site.
Submitted by jensenh1999 on Mon, 02/23/2009 - 4:44am
Folks, If you think you should not worry, you should. Even a home user gets emails from friends at work. A hacker might not care about you. But he could use your info, or even you machine to target and exploit others. There are many “old” bot attacks going on that are killed by a simple patch upgrade, that is not being done by people.Lets say they get access to you machine, and your close to a a military base. He might want to use your machine, in the local area, to launch his attacks from. Then when the FBI does get around to knocking on "your door", he is far removed. This is just one instance. A friend of mine had issues with his PC, when I looked at it, I found out he was hosting porno files for some hacker. He never would have noticed if his machine had not slowed down.Another case, someone might design an attack based upon this just to kill as many machines as possible. Why would you leave your machine open for this?I know I want my machine to work all the time. Be a responsible internet user. Keep your machine patched, Antivirus up to date, and all programs up to date.
Submitted by Keith E. Whisman on Mon, 02/23/2009 - 5:07am
"Be a responsible internet user. Keep your machine patched, Antivirus up to date, and all programs up to date. "
So true and something every maximumpc reader should already be doing but you do make some compelling arguments that I did think about but again the threat is still much lower for a home pc than a company network but it's true that there are people out there that get off on messing up as many computers as possible.
This is yet another reason why you shouldn't skimp on a good firewall and antivirus software like Norton Internet Security 2009-sorry I'm now a fan of this sweet suite.
Submitted by Keith E. Whisman on Sun, 02/22/2009 - 7:47pm
Foxit is great and I use it but really who would be a likely target for attack by hackers? Surely not a regular home computer but perhaps a business computer. So I figure if your computer is in a business environment then yeah worry about it. But I just don't feel like I would be a target. Hackers just don't have anything to gain from me other than mucking up my computer system that is and then I just don't see that as being worth the effort.
Submitted by thetoast on Mon, 02/23/2009 - 8:07pm
Home users have just as much to fear if not more from such attacks. Home users are less likely to have adequate protection than business computers, so that means exploiting them is easier. There may not be anything they want on your computer, but that's fine with them. All they want is your computer itself. All an attacker needs to do is get you to open a web page with a malicious PDF on it and bam, they have control of your computer and make you another part of their botnet. Botnets are huge these days. People make money on the black market by selling thousands of such 'bots' for a few cents a piece. Many of these bots are nothing more than a home computer having a broadband connection and a tiny piece of malware installed on it. All that spam you get in your email? Bots. DDOS attacks which cripple corporate networks? Also bots. Don't underestimate these guys. They'll take all the computers they can get, even yours.
Submitted by Keith E. Whisman on Mon, 02/23/2009 - 8:29pm
You know I've heard of that before and it frightens me.
The latest Foxit includes a
Submitted by MAXPCreader07 on Sun, 02/22/2009 - 6:58pm
The latest Foxit includes a toolbar doesnt it? Ill stay with the clean Sumatra PDF thank you very much.
Submitted by SillyElf74 on Sun, 02/22/2009 - 5:52pm
Does anyone still use Adobe? I've used Foxit for years and reccomend it to everyone I can.
Submitted by AndyYankee17 on Sun, 02/22/2009 - 6:57pm
adobe is a company, not a product, and for your question, ask anyone who uses photoshop or flash.
Acrobat and InDesign are standard for newspapers and magazine publishers
What a silly question! You
Submitted by kleinkinstein on Sun, 02/22/2009 - 6:12pm
What a silly question! You obviously don't exist in corporate america. If you did, you'd understand how prevalent and ubiquitous
Acrobat it is.
Submitted by Keith E. Whisman on Sun, 02/22/2009 - 8:00pm
This is a threat for Corporate America an not necessarily your home computer. But I recon it can be a threat to everyone that has personal information on corporate computers that get hacked and this information used to steal identities.
And quit hating on companies that make software. All extremely successfull software and operating systems are going to be targeted by hackers simply because of the prevalance of the software and the increased odds of a successful hack attack.
Companies do their very best to make secure code but as long as the OS needs to access the internet and software needs to communicate with other software and the OS and the internet then it's going to be possible to find vulnerabilities and hack and attack said software and OS's. That's just the way it is.
Microsoft OS's will always be the target for attackers because it's the most widely used OS today. Mac just isn't worth the trouble, too few. Same can be said for Linux although both do get attacked with viruses and hacks and take overs but to a lesser degree because again there are just too few to justify the effort.
So go ahead and bitch and complain but the real reason why OS's and programs get hacked and become vulnerable hackers is because of the success of the software. It's because of YOU AND I. We purchased these programs and made them successful just like WalMart. Alot of you Hate WalMart but you still shop at WalMart and make it an even bigger success.
Must Read Articles
Feature
Review
Feature
Feature
Feature
Most Popular Articles
This Month's Issue
FEATURE How to Get FREE Programs, Services, Software & MoreFEATURE Digital Photo Printer RoundupHOW TOBuild a 3D CameraFEATUREDIY Arcade PCWHITE PAPERHow TRIM Works
Technology News
Computer Cooling Fans
Computer Cases
PC Game Controllers
PC Games
Computer Hardware
Headphones
MP3 Players
Stream Video
Computer Mouse
Monitors
Motherboards
NAS Storage
Networking
Laptop Computers
DVD Burner
Digital Cameras
Portable Storage
Computer Accessories
Smartphone
Antivirus Software
Sound Cards
Speakers
Computer Systems
Thumb Drives
Video Cameras
Video Card Reviews
Water Cooling
Gadgets
- Keyboards
© 2009 Future US, Inc. All Rights Reserved.