Overclock.net › Forums › Industry News › Software News › [MPC] Security Firm Finds Zero-day Exploit Capable of Bypassing Adobe Reader Sandbox
New Posts  All Forums:Forum Nav:

[MPC] Security Firm Finds Zero-day Exploit Capable of Bypassing Adobe Reader Sandbox

post #1 of 4
11/10/12 at 7:48pm
Thread Starter 
Quote:
Russian security firm Group-IB claims to have uncovered a critical Adobe Reader vulnerability that is currently being exploited in the wild by attackers in order to circumvent the ubiquitous PDF viewer’s sandbox, a security feature Adobe first introduced as part of Reader X nearly two years ago. Even though this zero-day vulnerability is said to have a few “limitations”, they don’t seem to be crippling enough to stop it from being sold on the black market for anywhere between $30,000 and $50,000.

Source

Didn't see this posted. Uninstall Adobe Reader and use Foxit Reader I guess?
Sony S Series
(14 items)
 
MiniQ
(14 items)
  		 
CPUMotherboardGraphicsRAM
Intel i5 3210M Propietary GeForce GT 640M LE 2GB 8GB DDR3 1333MHz 
Hard DriveOptical DriveCoolingOS
256GB OCZ Vertex 4 Generic DVD Burner Stock Windows 7 Pro x64 SP1 
MonitorKeyboardPowerCase
13.3" LED 1600x900 Laptop Laptop Laptop 
MouseAudio
Touchpad Onboard 
View all
CPUMotherboardGraphicsRAM
Intel 3.3GHz i3 3220 ASUS P8H77-I Sapphire Ultimate 7750 8GB G.Skill Ripjaws DDR3 1600MHz 
Hard DriveOptical DriveCoolingOS
128B OCZ Vertex 4 Samsung SH-224BB/RSBS Stock Windows 7 Ultimate x64 SP1 
MonitorKeyboardPowerCase
Samsung 60" UN60ES8000F Logitech K400 Seasonic SS-460FL Lian Li PC-Q08B 
MouseAudio
Logitech K400 Onboard 
View all
  hide details  
Reply
Sony S Series
(14 items)
 
MiniQ
(14 items)
  		 
CPUMotherboardGraphicsRAM
Intel i5 3210M Propietary GeForce GT 640M LE 2GB 8GB DDR3 1333MHz 
Hard DriveOptical DriveCoolingOS
256GB OCZ Vertex 4 Generic DVD Burner Stock Windows 7 Pro x64 SP1 
MonitorKeyboardPowerCase
13.3" LED 1600x900 Laptop Laptop Laptop 
MouseAudio
Touchpad Onboard 
View all
CPUMotherboardGraphicsRAM
Intel 3.3GHz i3 3220 ASUS P8H77-I Sapphire Ultimate 7750 8GB G.Skill Ripjaws DDR3 1600MHz 
Hard DriveOptical DriveCoolingOS
128B OCZ Vertex 4 Samsung SH-224BB/RSBS Stock Windows 7 Ultimate x64 SP1 
MonitorKeyboardPowerCase
Samsung 60" UN60ES8000F Logitech K400 Seasonic SS-460FL Lian Li PC-Q08B 
MouseAudio
Logitech K400 Onboard 
View all
  hide details  
Reply
post #2 of 4
11/10/12 at 7:57pm
I used chrome to open all my pdf's...no need for adobe at all.
Dark Knight
(17 items)
  		  
CPUMotherboardGraphicsRAM
2700k Gigabyte Z68XP-UD4 Sapphire HD 7850 2GB 16GB Corsair Vengeance LP 1600mhz  
Hard DriveHard DriveOptical DriveCooling
Samsumg F3 x 2 Crucial M4 LiteOn IHAS124-19 24x Corsair H80 
OSMonitorKeyboardPower
Windows 7 64bit 28" Hanns-G HZ281 1920x1200 Microsoft Sidewinder X6 Corsair GS700 
CaseMouseMouse PadAudio
Corsair Carbide Series 400R Logitech MX518 Sharkoon 1337 Elite Asus Xonar DG 
Audio
Logitech X 530 5.1 
View all
  hide details  
Reply
Dark Knight
(17 items)
  		  
CPUMotherboardGraphicsRAM
2700k Gigabyte Z68XP-UD4 Sapphire HD 7850 2GB 16GB Corsair Vengeance LP 1600mhz  
Hard DriveHard DriveOptical DriveCooling
Samsumg F3 x 2 Crucial M4 LiteOn IHAS124-19 24x Corsair H80 
OSMonitorKeyboardPower
Windows 7 64bit 28" Hanns-G HZ281 1920x1200 Microsoft Sidewinder X6 Corsair GS700 
CaseMouseMouse PadAudio
Corsair Carbide Series 400R Logitech MX518 Sharkoon 1337 Elite Asus Xonar DG 
Audio
Logitech X 530 5.1 
View all
  hide details  
Reply
post #3 of 4
11/10/12 at 7:58pm
SumatraPDF is a pretty good PDF reader as well.

If you just have basic PDF needs then built in readers in browsers like Chrome or Firefox will do fine without any software. Actually, I don't remember if the Firefox version is enabled in the stable channel yet but it's in there somewhere.
Reply
Reply
post #4 of 4
11/10/12 at 8:03pm
Quote:
Originally Posted by ahnon View Post

SumatraPDF is a pretty good PDF reader as well.
If you just have basic PDF needs then built in readers in browsers like Chrome or Firefox will do fine without any software. Actually, I don't remember if the Firefox version is enabled in the stable channel yet but it's in there somewhere.

Yep, i use the built in one in Firefox it's not enabled by default yet (suppose to be in up coming v18). It's easily enabled in the config and is much more sleek and faster compared to loading the 3rd party plugin, that is adobe reader. Only thing is, it doesn't have printing capabilities as of now, so for that i have Foxit reader thumb.gif

You know what makes this exploit even worse, I've seen so many people who still have really old versions of adobe reader, like still version 7. Every time the update dialog comes up they simply click cancel. It's really frustrating to watch.
Edited by NoiseTemper - 11/10/12 at 8:06pm
BitPhire
(17 items)
 
Little Pooh
(10 items)
  		 
CPUMotherboardGraphicsRAM
AMD Phenom II X4 945 @3.5GHz Gigabyte GA-890GPA-UD3H GigaByte Radeon HD 5770 Corsair Vengeance LP 8GB 1600MHz 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB SSD Seagate Barracuda 500GB Asus DVD Burner  CoolerMaster Hyper TX3 
OSMonitorKeyboardPower
Windows 7 Professional 64bit BenQ G2222HDH Leopold FC500R (MX Brown) Corsair HX-650 
CaseMouseMouse PadAudio
Bitfenix Shinobi Window Razer DeathAdder V2 3500DPI Razer Goliathus Control Standard Edition Realtek HD Audio ALC892 
Other
Audio Technica ATH-TAD500 
View all
CPUMotherboardRAMHard Drive
Intel Celeron G530 ASRock H77M Motherboard Kingston ValueRAM 4GB Western Digital Blue 1TB 
Optical DriveOSMonitorPower
ASUS DVD Burner Windows 7 64Bit SP1 Sharp Aquos 37" LCD TV Corsair CX-430 V2  
CaseMouse
CoolerMaster Elite 341 mATX Microsoft Basic Mouse 
View all
  hide details  
Reply
BitPhire
(17 items)
 
Little Pooh
(10 items)
  		 
CPUMotherboardGraphicsRAM
AMD Phenom II X4 945 @3.5GHz Gigabyte GA-890GPA-UD3H GigaByte Radeon HD 5770 Corsair Vengeance LP 8GB 1600MHz 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB SSD Seagate Barracuda 500GB Asus DVD Burner  CoolerMaster Hyper TX3 
OSMonitorKeyboardPower
Windows 7 Professional 64bit BenQ G2222HDH Leopold FC500R (MX Brown) Corsair HX-650 
CaseMouseMouse PadAudio
Bitfenix Shinobi Window Razer DeathAdder V2 3500DPI Razer Goliathus Control Standard Edition Realtek HD Audio ALC892 
Other
Audio Technica ATH-TAD500 
View all
CPUMotherboardRAMHard Drive
Intel Celeron G530 ASRock H77M Motherboard Kingston ValueRAM 4GB Western Digital Blue 1TB 
Optical DriveOSMonitorPower
ASUS DVD Burner Windows 7 64Bit SP1 Sharp Aquos 37" LCD TV Corsair CX-430 V2  
CaseMouse
CoolerMaster Elite 341 mATX Microsoft Basic Mouse 
View all
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [MPC] Security Firm Finds Zero-day Exploit Capable of Bypassing Adobe Reader Sandbox