Posted by - wirewolf
Post date - 04-10-2007, 05:16 PM
Attention all users. I've just learned of a possible problem with Adobe Reader (http://www.adobe.com/products/acrobat/readstep2.html). I have disabled all of the p_d_f files in the Downloads Section and the uploading of p_d_f files to posts. The problem is NOT with the p_d_f files themselves, but with a vulnerability within Adobe and a hacker's possible injection of a cross site scripting java code. Please read these articles:
Adobe Reader flaws spook security experts (http://searchsecurity.techtarget.com/columnItem/0,294698,sid14_gci1237450,00.html)
Adobe to issue patches for Reader vulnerability (http://www.networkworld.com/news/2007/010507-adobe-to-issue-patches-for.html)
If you have the Adobe Plugin enabled in your browser, DISABLE it right away!!! This threat appears to affect all types of browsers, but mainly Firefox and Internet Explorer. Again, the threat is not with the site you are visiting or with an actual p_d_f file itself, but with a vulnerability with in Adobe Reader. This can be exploited with ANY site you visit that has p_d_f file links, not just the Forum and the wrong combination of Browser and Adobe.
Members', please do not place links to p_d_f files in any post. The hackers exploiting this Adobe vulnerability are scanning web pages looking for p_d_f file links. Once found, they wait for an innocent user to come along with just the right combination of browser and Adobe version. When found, the hacker uses cross-site scripting to gain access to that unsuspecting users' computer.
According to organizations like Secunia and The French Security Incident Response Team (FrSIRT), the best thing for users to do at this time, is to upgrade to Adobe 8.0.0 (http://www.adobe.com/products/acrobat/readstep2.html), where the vulnerability has been removed.
I have also learned of another problem for those using Microsoft Windows. This comes from - US-CERT - National Cyber Alert System:
Please read - Microsoft Windows Animated Cursor Vulnerability (http://www.us-cert.gov/cas/alerts/SA07-089A.html)
I will keep you updated with any new information regarding this issues.
Update: See post below.
John
PS, Ain't the Internet great? :userfriendly:
Background. One of our member's recently contacted me complaining that it took a while for the forum pages to load and that he had to wait for Adobe Reader to finish loading. There is no call from the forums server to preload Adobe Reader! After a little investigation, I informed him of the problem (as stated above). He removed the Adobe Plug-in, and upgraded to Adobe Version 8. He reported that this fixed the problem. Apparently his computer was not compromised.
If any user has experienced the same problem please upgrade to Adobe Version 8 and you may also want to upgrade your current browser. If you think your computer may have been compromised, perform a scan of your computer with a Anti-Virus program (make sure you have the latest virus definitions prior to doing the scan).
Adobe Reader flaws spook security experts (http://searchsecurity.techtarget.com/columnItem/0,294698,sid14_gci1237450,00.html)
Adobe to issue patches for Reader vulnerability (http://www.networkworld.com/news/2007/010507-adobe-to-issue-patches-for.html)
If you have the Adobe Plugin enabled in your browser, DISABLE it right away!!! This threat appears to affect all types of browsers, but mainly Firefox and Internet Explorer. Again, the threat is not with the site you are visiting or with an actual p_d_f file itself, but with a vulnerability with in Adobe Reader. This can be exploited with ANY site you visit that has p_d_f file links, not just the Forum and the wrong combination of Browser and Adobe.
Members', please do not place links to p_d_f files in any post. The hackers exploiting this Adobe vulnerability are scanning web pages looking for p_d_f file links. Once found, they wait for an innocent user to come along with just the right combination of browser and Adobe version. When found, the hacker uses cross-site scripting to gain access to that unsuspecting users' computer.
According to organizations like Secunia and The French Security Incident Response Team (FrSIRT), the best thing for users to do at this time, is to upgrade to Adobe 8.0.0 (http://www.adobe.com/products/acrobat/readstep2.html), where the vulnerability has been removed.
I have also learned of another problem for those using Microsoft Windows. This comes from - US-CERT - National Cyber Alert System:
Please read - Microsoft Windows Animated Cursor Vulnerability (http://www.us-cert.gov/cas/alerts/SA07-089A.html)
I will keep you updated with any new information regarding this issues.
Update: See post below.
John
PS, Ain't the Internet great? :userfriendly:
Background. One of our member's recently contacted me complaining that it took a while for the forum pages to load and that he had to wait for Adobe Reader to finish loading. There is no call from the forums server to preload Adobe Reader! After a little investigation, I informed him of the problem (as stated above). He removed the Adobe Plug-in, and upgraded to Adobe Version 8. He reported that this fixed the problem. Apparently his computer was not compromised.
If any user has experienced the same problem please upgrade to Adobe Version 8 and you may also want to upgrade your current browser. If you think your computer may have been compromised, perform a scan of your computer with a Anti-Virus program (make sure you have the latest virus definitions prior to doing the scan).