Topic 'Zero-day attack reportedly pierces key Adobe Reader defense' in forum 'Security' - dslreports.com

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Fri, 09 Nov 2012 18:41:23 EDT

siljaline posted :

said by AVD:

Aren't all attacks zero day at some point in their life?

You would have to zero down the focus of the question for it to be answered correctly.

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Fri, 09 Nov 2012 16:18:22 EDT

AVD posted : Aren't all attacks zero day at some point in their life?

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Fri, 09 Nov 2012 10:45:45 EDT

therube posted : If you use Foxit's .exe installer, beware of "goodies" (toolbars or whatever).
The .msi version does not have that.

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Fri, 09 Nov 2012 00:08:30 EDT

siljaline posted : You're most welcome.

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 21:56:22 EDT

dean corso posted :

said by siljaline:

Good point, Blackbird
There's a good number of completely viable alternatives.
• »www.foxitsoftware.com/downloads/#reader

Thanks for this. Sick of Adobe's bloatware and just switched to Foxit.
--
"If you want to remain slaves of the bankers and pay for the costs of your own slavery, let them continue to create money and control the nation’s credit." - Josiah Stamp

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 16:41:58 EDT

siljaline posted : Good point, Blackbird
There's a good number of completely viable alternatives.
• »www.foxitsoftware.com/downloads/#reader
• »www.tracker-software.com/product···e-viewer
• »blog.kowalczyk.info/software/sum···der.html

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 14:28:26 EDT

siljaline posted : MS Products no longer the most exploited, by far.
»www.networkworld.com/community/b···-big-way

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 09:28:34 EDT

Blackbird posted :

quote:
... Reader's security sandbox has gone a long way in reducing the real-world exploits hitting the document viewer.

Maybe computer users ought to consider going the 'rest of the way' to eliminate such Reader exploits by replacing their use of Adobe Reader with one of the several alternative, top-notch readers that are just that: "readers". Some time ago, I did this and haven't looked back since.
--
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God!" -- P.Henry, 1775

Re: Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 09:06:35 EDT

therube posted : The video looks convincing to me.
Ante-up, Adobe!
Obviously the whole premise of what a "reader" is is flawed.
(As is using the words Adobe & security in the same sentence.)

Zero-day attack reportedly pierces key Adobe Reader defense

Thu, 08 Nov 2012 00:02:48 EDT

siljaline posted : Adobe investigates claim exploit for Reader X and XI being sold online.

quote:
Adobe officials say they're investigating claims of a recent attack. A newly published report claims the latest versions of the widely used Reader document viewer are under attack by exploit code that targets a previously unknown vulnerability.

The particular exploit is available in underground forums for as much as $50,000. It's significant because it pierces a security sandbox that until now has proved impervious to other online attacks, KrebsonSecurity journalist Brian Krebs reported on Wednesday. The security mechanism is designed to minimize the damage of attacks that exploit buffer overflows and other types of software bugs by isolating Web content from sensitive parts of the underlying operating system.

Full Article