Is this the same flaw that Group-IB found at the end of last year, which circumvents the sandbox?
http://www.theregister.co.uk/2012/11/08/adobe_reader_zero_day/
Vulnerability researchers at FireEye are reporting that Adobe's Reader software has a zero-day flaw that hackers are already exploiting in the wild. The flaw is found in Adobe Reader 9.5.3, 10.1.5, and 11.0.1 and involves sending a specially crafted file to the target. …
SDELETE Adobe Reader (or DBAN your drive if you're feeling particularly hateful)... then...
1) Right click on PDF file
2) Open with...
3) Find chrome.exe
4) "Always use the selected program to open this kind of file"
5) Say "Yipee!"
Now I do admit that you'll need Chrome installed in order for this to work (might be doable in other browsers with built-in PDF viewers but I haven't tested accordingly) and yes I am also aware that Chrome's PDF rendering isn't necessarily the best in the world.
Having said that, however, Chrome does open the vast majority of PDF files I have to deal with without issues, and hence I have actually been without Adobe Reader for quite some time now.
And yes, Chrome may have their own issues from time to time but let's be honest here; they patch a HECK OF A LOT faster than Adobe.
I expect you'll still need to use Reader to fill in official forms online. Like Java, it's enough just to disable the browser plug-in.
Firefox 19 onwards also has a built-in PDF reader (in fact Chrome's comes from Firefox), so disable the plug-in just to be sure and let the browser render PDFs itself. In earlier Firefoxes (15 onwards I think) you have to enable it in about:config; the option is pdfjs.disabled.
Using Chrome to open PDF documents is akin to using a sledgehammer to crack a nut. Far better to install Sumatra PDF (available as a portable version as well). The software is so lightweight it opens PDFs instantly, even on old hardware. Rendering is also great. There's also a browser plugin.
We just were spear-phished with some very obfuscated Adobe PDF stream objects, plus the vxers helpfully threw in a handful of other discrete .doc viruses in the .rar blob folder. Thankfully we've successfully taught our main 'target' users what this year's bad things look like.
None of the antivirus programs that I've scanned the pdfs with have yet remarked that they are plausible/valid documents which have been hollowed-out and stuffed with trojans.
The code page & ISO font codes probably indicate China, but we inevitably start the slippery smoke and mirrors slope of attribution... as I'd use 'fake' attributes if I was the USA hacking team.
I binned Adobe's bloatware years ago. And Chrome is something that annoys me with the number of stealth installs it performs on some people's systems due to pre-ticked boxes - any software worth bothering with will gain traction by word of mouth rather than by being sneaked onto a system.
Maybe a useful addition for Opera to consider... a PDF tool alongside the built-in torrent client.
You would have to be some sort of special case to actively go out of your way to install Adobe Reader on Linux when so many better alternatives exist.
The default reader in KDE (Okular) is far far far faster, uses fewer resources, and doesn't come with the special Adobe sauce that renders all security obsolete.
Even the poor GNOME users (one step away from Windows 8) have a far better default browser.
I used to hate PDFs when I used Windows, not so on Linux. (Same goes for general life.)
"by some estimates, Reader is on 90 per cent of PCs in the Western world."
Odd. Anyone running a Windows PC without an AV package is regarded as recklessly insane, and yet:
None of these packages flag up Reader, despite it being the biggest single attack vector there is.
People running this attack vector are *not* regarded as recklessly insane.