Rigged PDFs exploiting just-patched Adobe Reader flaw

Just three days after Adobe shipped a patch with fixes for a critical Adobe Reader vulnerability, hackers are using booby-trapped PDF files to fire exploits against Windows users.

[ SEE: Heads up: Patch your Adobe Reader now ]

The in-the-wild attacks, first spotted by the SANS Internet Storm Center, follow the public release of proof-of-concept exploits at Milw0rm.com and underscore the importance of quickly patching third-party desktop applications.

I have seen a sample of one of the rigged PDF files in circulation and can confirm it is indeed exploiting the CVE-2008-2992 vulnerability, which is a stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier. It allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument.

From the SANS ISC alert:

"The payload is in a JavaScript object embedded in the PDF document. Once extracted, it just contains first level obfuscation with a simple eval(unescape()) call. Once deobfuscated, parts of the publicly posted PoC are visible, but the attackers also modified certain parts."

Adobe Reader is one of the most widely distributed pieces of software in the Windows ecosystem, so the application of this patch should be an absolute priority. The updates are available at:

http://www.adobe.com/support/downloads/detail.jsp?ftpID=4084 (Windows)
http://www.adobe.com/support/downloads/detail.jsp?ftpID=4093 (Mac)
http://www.adobe.com/support/downloads/detail.jsp?ftpID=4094 (Linux/Solaris)
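For defenders triaging suspect attachments, the structure the SANS ISC alert describes (a JavaScript object behind one eval(unescape()) layer that ends in a util.printf call) can be checked statically without opening the file in a reader. The sketch below is an added example, not code from SANS, Adobe or the original article: the function names are hypothetical, it assumes streams are either uncompressed or FlateDecode, its sample PDF is constructed and benign, and a util.printf hit is a reason to review the file rather than proof of exploitation.

```python
import re
import zlib

STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.S)
UNESCAPE_RE = re.compile(rb"unescape\(\s*(['\"])(.*?)\1\s*\)", re.S)
ESC_RE = re.compile(rb"%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})")
PRINTF_RE = re.compile(rb"util\.printf\s*\([^)]*\)")

def js_unescape(data: bytes) -> bytes:
    """Decode %uXXXX and %XX the way JavaScript unescape() would, without running anything."""
    def repl(m):
        if m.group(1):
            return chr(int(m.group(1), 16)).encode("utf-8", "replace")
        return bytes([int(m.group(2), 16)])
    return ESC_RE.sub(repl, data)

def pdf_streams(pdf: bytes):
    """Yield stream bodies, inflating FlateDecode data and passing anything else through raw."""
    for m in STREAM_RE.finditer(pdf):
        try:
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            yield m.group(1)

def peel(script: bytes, max_layers: int = 5) -> bytes:
    """Swap each unescape("...") argument for its decoded text, one layer per pass."""
    for _ in range(max_layers):
        m = UNESCAPE_RE.search(script)
        if not m:
            break
        script = script[:m.start()] + js_unescape(m.group(2)) + script[m.end():]
    return script

def triage(pdf: bytes) -> dict:
    """Report JavaScript keys, unescape-wrapped scripts and any util.printf calls found."""
    report = {"javascript_keys": bool(re.search(rb"/(?:JS|JavaScript)\b", pdf)),
              "obfuscated": False, "util_printf_calls": []}
    for stream in pdf_streams(pdf):
        decoded = peel(stream)
        report["obfuscated"] |= decoded != stream
        report["util_printf_calls"] += PRINTF_RE.findall(decoded)
    return report

def build_sample() -> bytes:
    """Constructed, benign sample: a harmless util.printf call behind one unescape layer."""
    encoded = "".join("%%%02x" % b for b in b'util.printf("%d", 1);').encode()
    js = b'eval(unescape("' + encoded + b'"));'
    return (b"%PDF-1.4\n1 0 obj\n<< /S /JavaScript /JS 2 0 R >>\nendobj\n2 0 obj\n"
            b"<< /Filter /FlateDecode >>\nstream\n" + zlib.compress(js) + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    print(triage(build_sample()))
```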

 

Comments
  • 11/12/2010 1:21 AM Essay wrote:
    I don't like hackers, and I really don't like many other things. I don't enjoy being hacked either. I use pdf files every day, and am happy to say that I have not ever been hacked through them. I don't anticipate ever being either.