Weakness in PDF reader programs

Got networking / internet / computer/ TV/ Telephone problems in Crete? Ask here.
paulh
Posts: 2435
Joined: Sun Feb 11, 2007 7:13 pm
Location: Akrotiri

Weakness in PDF reader programs

Postby paulh » Thu Apr 01, 2010 11:32 am

After noon here in Crete so this is not an April 1st wind up.

It appears there is a fundamental flaw in the way several pdf readers work which can be exploited and thereby allow nasties into your machines. This is not out there in the wild at the moment it has only been proved to work.

It works in it's current form on Adobe PDF reader, it is surmised that with a little tweaking it could be made to work on Foxit PDF reader.

This is not a hack through a weakness or mistake in the program it is using the proper facilities of the program but in an unexpected manner so it will be very awkward to patch because anything that stops the unwanted things also will stop the wanted functions of the readers.

If you feel you want to try something else to read your PDF files there is a little program called Sumatra PDF. Google it and you can download it and install it easily. It is only a simple reader and probably a way to run nasties could be written for it too except it is so small and so "unknown" that it isn't worth writing a specific piece of code for such a small client base.

No big panic on this yet, it was only reported widely yesterday and we will see how and if it develops further.

Return to “ Computers, TV, Telephone and Internet”

Who is online

Users browsing this forum: No registered users and 2 guests