Home
•
Crude Search
•
Daily Rig Move List
•
Rig Locator
•
Well Licenses
•
Direction Mapping
Members Menu
•
Energy News
•
Oil Talk
•
Photo Gallery
•
Joke of the Day
•
Oilfield Software
•
GPS Converter
Oiltalk
Oiltalk
>
General Information
>
Tech Support
> Hackers Further Exploit PDF Vulnerability Ahead of Patch
Forum Quick Jump
Select A Location
****** Top of the Forum ******
==== General Information ====
Tech Support
==== Public Forums ====
Drilling
Completions
Down Hole problems
Employment
Software
Where are they now?
[
<< Previous Thread
|
Show Newest Post First
]
Forum Administrator
Forum Moderator
Date Joined Mar 2006
Total Posts : -56
Posted 1/8/2010 9:00 AM (GMT -7)
Non-fans of the PDF file format now have one more reason to harbor negative feelings towards it. Hackers have found another way to exploit a vulnerability on a rather large scale, and it's supposed to be five more days before Adobe puts a fix in place.
Jessa De La Torre, a threat response engineer at Trend Micro, explained the latest danger in a blog post, writing, "The sample (detected by Trend Micro as TROJ_PIDIEF.WIA) uses the heap spray technique to execute shellcode in its stream. As a result, a malicious file detected as BKDR_POISON.UC is dropped into the system."
De La Torre then continued, "When executed, BKDR_POISON.UC
opens an instance of Internet Explorer and connects to a remote site, cecon.{BLOCKED}-show.org. Once connected, a malicious user may execute any command on the affected system."
And Adobe's announced that it won't provide a patch until Tuesday, January 12th.
Of course, standard be-careful-what-you-click-on practices will go a long way toward keeping people safe from this threat.
Individuals can do something else to protect themselves while Adobe readies its solution, too: users of Adobe Reader or Acrobat have the option of either utilizing the javascript
Blacklist Framework, or manually disabling javascript
if that seems easier.
Also, one other positive, semi-related story is that Adobe's working on a new update utility designed to automatically apply patches.
Maybe PDF's critics will find a little less to get upset about
in the future, then.
www.SecurityProNews.com
Back to Top
Forum Information
Currently it is Monday, February 18, 2019 2:13 AM (GMT -7)
There are a total of 3,614 posts in 504 threads.
In the last 3 days there were 0 new threads and 0 reply posts.
View Active Threads
Who's Online
This forum has 4866 registered members. Please welcome our newest member,
Minelabauv
.
3 Guest(s), 0 Registered Member(s) are currently online.
Details
Forum powered by dotNetBB v2.42EC SP3
dotNetBB
© 2000-2019
Need Support?
|
Forum Help Manual
This page is copyrighted (all rights reserved) by Canadian Wellsite Inc., Calgary, Alberta, Canada
| Privacy Policy |