Hackers on Thursday exploited a vulnerability on Ain't It Cool News that redirected anyone visiting the movie review site to a server containing a malicious Adobe Reader file. The attack targeted a vulnerable PHP script on one of AICN's servers that automatically appended the malicious link to banner ads served on the site, its …
Is it Adobe Reader
only that is affected by this, is something like Foxit Reader also affected? Or any PDF reader?
I guess that's a moot point really seeing as it's flaws in Adobe's reader that are being specifically targeted.
Scrub this, it's just a muse.
Since I don't (and does anyone I know) use that craptastic, heavy piece of bloatware that is Adobe PDF reader I'm not to concerned.
Foxit reader all the way.
Foxit is definitely getting worse though. Slower, more bloated, and I find these days that some PDFs don't display properly in it. Some PDFs seem to need Adobe Reader...
Another point in favour of adblockers
the only effect I saw of this was the absence of any content on AICN
to block ad servers
when will they learn?
Yes, adobe's lamentably buggy and insecure pdf reader is a horrendous piece of bloatware and with every bit of useless bloat comes more bugs
Solution? stop adding features we didn't want or ask for. And fix your code.
Sumatra is an option
Loads quick and as far as I know doesn't have an exploit yet.
...full of sound and fury, signifying nothing
Hey, Bitdefender ftw, and, surprisingly, Microsoft, being 2 that found it. However, like the others, Foxit user here (also slowly going off it). As for users running outdated versions, blame Adobe, unlike other software which checks online when the program starts for updates then tells you, it doesn't seem to - maybe it would if the utility in startup was allowed to run in the background, but it was always the first thing I disabled.
After 20 odd years Microsoft have finally sussed that what their customers want is fast secure systems, let's hope it doesn't take Adobe that long.
Another slapdash bit of writing from this hack
"to a server containing a malicious Adobe Reader file"
I have no idea what one of those is - perhaps you mean a 'PDF' file (now an open standard since Adobe released it to the ISO)
I go there daily and i didnt notice a thing...
...probably because I have AdBlock
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones
- Shivering boffins nail Earth's coldest spot
- Exploits no more! Firefox 26 blocks all Java plugins by default