dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
15
share rss forum feed


Cartel
Premium
join:2006-09-13
Chilliwack, BC
kudos:2
reply to siljaline

Re: NBC Website Hacked

The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug

Now FF has PDF built in...so it begins....


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by Cartel:

Now FF has PDF built in...so it begins....

Which is why, in about:config, I've set pdfjs.disabled to true in addition to disabling any and all PDF plugins in the Adds-ons Manager.
--
Don't feed trolls--it only makes them grow!


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
said by StuartMW:

said by Cartel:

Now FF has PDF built in...so it begins....

Which is why, in about:config, I've set pdfjs.disabled to true in addition to disabling any and all PDF plugins in the Adds-ons Manager.

is it a vulnerability in the PDF protocal or the adobe (or foxit) renderer?
--
* seek help if having trouble coping
--Standard disclaimers apply.--


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by AVD:

is it a vulnerability in the PDF protocal or the adobe (or foxit) renderer?

No idea but if you don't allow PDF's to be automatically displayed then no vulnerability can be exploited

I manually (right-click, Save As...) files I want (including PDF's). If I noticed a PDF I hadn't downloaded I wouldn't try and open it even if it is called "free prize" or similar. I'm not that naive.
--
Don't feed trolls--it only makes them grow!

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Cartel
Mozilla blocked access to nbc.com during the attack (as did Chrome and Facebook). BUT during that window of time before Mozilla began blocking the site, a user with the latest Fx and internal PDF turned on, may have been vulnerable. Plus, not everyone sets their browsers to block reported attack sites. It is not clear to me whether or not Mozilla blocked nbc.com regardless of the user's settings or not.

I have never allowed PDF to be read in a browser. Firefox's internal PDF is using HTML5 so I don't know if it was vulnerable or not to this exploit. Even if not.....what about the next time? I continue to download PDF to disk, scan and THEN open in Evince which is little used on Windows (works great though) so less likely to be attacked by exploits.

»hitmanpro.wordpress.com/2013/02/···malware/
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by Mele20:

Plus, not everyone sets their browsers to block reported attack sites.

I turned that feature off since it was constantly reporting a (bookmarked) forum site I visit from time to time as an attack site. I looked into it and it was reported because some posts contained links to malware. Since I'm not dumb enough to click on them anyway I turned off the feature.

It was nice of Mozilla to hold my hand though. I felt all warm'n'fuzzy
--
Don't feed trolls--it only makes them grow!

HarryH3
Premium
join:2005-02-21
kudos:3
Reviews:
·Suddenlink
reply to StuartMW
said by StuartMW:

Which is why, in about:config, I've set pdfjs.disabled to true in addition to disabling any and all PDF plugins in the Adds-ons Manager.

Thanks for that. Just made the change here! (I Foxit without its browser plugin to open PDF's).


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to StuartMW
said by StuartMW:

said by Mele20:

Plus, not everyone sets their browsers to block reported attack sites.

I turned that feature off since it was constantly reporting a (bookmarked) forum site I visit from time to time as an attack site. I looked into it and it was reported because some posts contained links to malware. Since I'm not dumb enough to click on them anyway I turned off the feature.

It was nice of Mozilla to hold my hand though. I felt all warm'n'fuzzy

should have set it up as an exception instead..
--
* seek help if having trouble coping
--Standard disclaimers apply.--