VB Migration

Tag: pdf

  • File-stealing vulnerability found in Firefox PDF reader

    Both Windows and Linux users actively being targeted. If, like me, you are suffering from vulnerability fatigue after so many flaws and weaknesses having been disclosed in Las Vegas this week, you may be tempted to ignore the advisory Mozilla released yesterday. However, I strongly advise you don’t. The company says it has been made…

  • Paper: Script in a lossy stream

    Dénes Óvári explains how to store code in lossily compressed JPEG data. Malformed PDFs have become a common way to deliver malware. Naturally, when this started to happen, anti-virus products began scanning inside PDF files for traces of malicious code and, equally naturally, malware authors started to obfuscate that code to circumvent scanners. Not everything…

  • ‘Nitro attacks’ continue

    PoisonIvy trojan sent attached to email warning about the same trojan. Researchers at Symantec report that the ‘ Nitro attacks ‘, which target a number of large companies, many of which are active in the chemical industry, are continuing, using the same methods as before. In the most recent part of this attack, employees of…

  • Extra-large crop of updates for Patch Tuesday

    Fourteen security alerts from Microsoft join two from Adobe. Microsoft ‘s monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many covering multiple issues. Eight of the new alerts were rated ‘Critical’, with the remaining six marked as ‘Important’. In addition to Microsoft ‘s updates, Adobe also released…

  • Security holes trouble vendors

    Vulnerabilities fixed in McAfee website and Google Chrome; patch expected for Adobe Reader. A range of vulnerabilities have been causing headaches recently for companies including security vendor McAfee , the Internet browser arm of Google and PDF reader giant Adobe . McAfee came in for criticism when it was discovered that McAfee Secure – the…

  • March Patch Tuesday followed by PDF viewer patches

    Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable. Microsoft released the March security bulletin this week, with the monthly Patch Tuesday updates rather lighter than usual. On the same day, Adobe released some important patches for its widely used PDF viewing software. From Microsoft came a single ‘critical’ fix for the Windows…

  • More PDF exploits seen in wild

    Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe ‘s PDF viewing and editing software, disclosed late last week by Adobe and iDefense , have been exploited by malicious attacks using PDF files to launch malware. The flaws, which include several buffer overflows, a library path vulnerability…

  • PDF trojan exploits Adobe flaw

    Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe ‘s popular PDF-viewing software Adobe Reader and editing suite Acrobat , first reported a month ago , was patched on Monday in an update released two weeks after the company issued a workaround to minimise exposure. The following day, PDFs containing exploits for the…

  • Adobe acknowledges PDF flaw, issues workaround

    Registry hack provides temporary fix for vulnerability. Adobe has officially confirmed the vulnerability announced last month by researcher Petko Petkov, which could allow maliciously crafted PDF files to breach security and compromise systems. Limited details of the flaw were made public and led to widespread concern over the security of the widely used document format.…

  • Alarm over possible PDF flaw

    Vulnerability announcement hyped to disaster level. The announcement of a potentially serious vulnerability in the ubiquitous Adobe PDF document format sparked considerable media attention last month, in some cases hyped to the level of a major disaster waiting to happen. The vulnerability was found by researcher Petko Petkov and was announced in a blog entry.…