dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
933
share rss forum feed


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

1 recommendation

Zero-day attack reportedly pierces key Adobe Reader defense

Adobe investigates claim exploit for Reader X and XI being sold online.
quote:
Adobe officials say they're investigating claims of a recent attack. A newly published report claims the latest versions of the widely used Reader document viewer are under attack by exploit code that targets a previously unknown vulnerability.

The particular exploit is available in underground forums for as much as $50,000. It's significant because it pierces a security sandbox that until now has proved impervious to other online attacks, KrebsonSecurity journalist Brian Krebs reported on Wednesday. The security mechanism is designed to minimize the damage of attacks that exploit buffer overflows and other types of software bugs by isolating Web content from sensitive parts of the underlying operating system.
Full Article


therube

join:2004-11-11
Randallstown, MD
The video looks convincing to me.
Ante-up, Adobe!
Obviously the whole premise of what a "reader" is is flawed.
(As is using the words Adobe & security in the same sentence.)


Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..

2 recommendations

reply to siljaline
quote:
... Reader's security sandbox has gone a long way in reducing the real-world exploits hitting the document viewer.
Maybe computer users ought to consider going the 'rest of the way' to eliminate such Reader exploits by replacing their use of Adobe Reader with one of the several alternative, top-notch readers that are just that: "readers". Some time ago, I did this and haven't looked back since.
--
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God!" -- P.Henry, 1775


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to therube
MS Products no longer the most exploited, by far.
»www.networkworld.com/community/b···-big-way


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to Blackbird
Good point, Blackbird See Profile
There's a good number of completely viable alternatives.
• »www.foxitsoftware.com/downloads/#reader
• »www.tracker-software.com/product···e-viewer
• »blog.kowalczyk.info/software/sum···der.html


dean corso

join:2007-09-07
said by siljaline:

Good point, Blackbird See Profile
There's a good number of completely viable alternatives.
• »www.foxitsoftware.com/downloads/#reader

Thanks for this. Sick of Adobe's bloatware and just switched to Foxit.
--
"If you want to remain slaves of the bankers and pay for the costs of your own slavery, let them continue to create money and control the nation’s credit." - Josiah Stamp


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
You're most welcome.


therube

join:2004-11-11
Randallstown, MD

1 recommendation

reply to dean corso
If you use Foxit's .exe installer, beware of "goodies" (toolbars or whatever).
The .msi version does not have that.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to siljaline
Aren't all attacks zero day at some point in their life?


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
said by AVD:

Aren't all attacks zero day at some point in their life?

You would have to zero down the focus of the question for it to be answered correctly.