yoyotach

An analysis of a PDF exploit

Most people think of PDF documents as static pieces of information. How could a PDF file compromise your computer? The reality is that PDF documents can contain all sorts of stuff, and clever miscreants have figured out how to exploit that stuff to wreak havoc on your computer. PDF exploits are on the rise, and they’re especially nasty not just because most people don’t realize this is a viable attack vector, but because the symptoms simply look like a PDF file won’t open: click, Adobe Acrobat fires up, then randomly closes some seconds later. “Huh, bad file” is what most people will think, and move on with their lives, completely unaware that the computer is infected.

Here’s a really good analysis of a malicious PDF. The PDF document structure has obfuscated JavaScript code embedded in it. After a delay of 10 seconds, the JavaScript makes a request to an Internet site to download an executable file, and boom, your computer is compromised. Your anti-virus software may catch the rogue file, but it might not. The Internet: this is a dangerous place.

I’ve seen exactly one malicious PDF file in the wild. It hit one of the students I support, and we got really lucky in catching the infection before it could spread to other hosts on our network: the malware payload was not recognized by our antivirus software, so we might never have known except that the student reported problems opening this PDF. It was a fascinating thing to diagnose, because it’s so far outside the realm of what we normally see.

It’s a tired old refrain: update all of the software on your Windows computer. Everyone is tired of hearing it, because frankly it’s too much work. Too many applications update in different ways, and on different schedules: Windows Update, Mozilla’s built-in updater, Adobe’s Update Manager, Java, etc. The reality is, though, that it is quite important to do, despite the effort. Microsoft could likely make a lot of users very happy if they were to implement a solid unified update solution, like that used in OSX and most Linux distributions.

One option, at least with respect to PDF files, may be to use something other than Adobe Acrobat.

Source: techcrunch.com
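
An added example, not part of the original entry or of the analysis it links to: a small Python triage check for the structure described above, a PDF that carries embedded JavaScript wired to run automatically. It counts the PDF name keys that introduce active content and decodes `#xx` hex escapes in names, one common way such keys are obfuscated; the function names and the sample bytes are constructed for illustration.

```python
import re

# PDF name keys that introduce active content, and what each one means.
ACTIVE_NAMES = {
    b"JS": "JavaScript source",
    b"JavaScript": "JavaScript action",
    b"OpenAction": "action run when the document opens",
    b"AA": "additional (event-triggered) actions",
    b"Launch": "launches an external program",
    b"ObjStm": "object stream (can hide objects from a raw scan)",
}

# A PDF name is "/" followed by regular characters; "#xx" is a hex escape.
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r /<>\[\](){}%]+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")

def decode_name(raw: bytes) -> bytes:
    """Undo #xx escapes so /J#61vaScript compares equal to /JavaScript."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def triage_pdf(data: bytes) -> dict:
    """Count active-content names; 'obfuscated' counts hex-escaped spellings."""
    report = {}
    for match in NAME_RE.finditer(data):
        raw = match.group(1)
        name = decode_name(raw)
        if name in ACTIVE_NAMES:
            entry = report.setdefault(name.decode(), {"count": 0, "obfuscated": 0})
            entry["count"] += 1
            entry["obfuscated"] += int(raw != name)
    return report

def is_suspicious(report: dict) -> bool:
    """Script plus an automatic trigger, a Launch action, or an escaped keyword."""
    has_script = "JS" in report or "JavaScript" in report
    has_trigger = "OpenAction" in report or "AA" in report
    escaped = any(e["obfuscated"] for e in report.values())
    return (has_script and has_trigger) or escaped or "Launch" in report

# Constructed sample: a fragment of PDF object syntax, not a real document.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\nendobj\n"
          b"4 0 obj\n<< /S /J#61vaScript /JS 5 0 R >>\nendobj\n")

if __name__ == "__main__":
    result = triage_pdf(SAMPLE)
    for name, entry in result.items():
        print(name, entry, "-", ACTIVE_NAMES[name.encode()])
    print("suspicious:", is_suspicious(result))
```

This scans raw bytes only, so keys stored inside compressed streams or object streams are not seen; an `ObjStm` hit is a cue to decompress and rescan before trusting a clean result.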
