Attacking enterprises just got easier with the development of an idiot-friendly tool that spits out booby-trapped PDFs with a few clicks. The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1. Users can insert their own URL pointers into …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 12th June 2014 05:48 GMT Anonymous Coward

"SecRecon freelance security bod Claes Spett developed the tool while building a private exploit kit to help him pop organisations during penetration tests."

Is it just my dirty mind, or is that sentence rather suggestive?

1 0
1. Thursday 12th June 2014 07:32 GMT Elmer Phud
  
  Would you prefer they surreptitiously inserted it through a backdoor?
  
  2 0
Thursday 12th June 2014 07:35 GMT Elmer Phud

Just Acrobat?

If so then I'm happy (but will check to see if there's an update for Foxit)

1 0
1. Thursday 12th June 2014 11:02 GMT Anonymous Coward
  
  Re: Just Acrobat?
  
  Always happy to have yet another reason to avoid software from them..
  
  0 0
2. Thursday 12th June 2014 15:37 GMT Anonymous Coward
  
  Re: Just Acrobat?
  
  "but will check to see if there's an update for Foxit"
  
  I use Foxit too. But considering it's Chinese software, they won't need a booby trapped file to examine your and my files.....
  
  0 0
Thursday 12th June 2014 08:52 GMT Tom 7

The only safe PDF

is the text and images it was made from - which are normally a lot more useful than the resulting PDF!

1 0
Thursday 12th June 2014 09:07 GMT Bronek Kozicki

Did you patch ...

... your programs today?

Honestly, people should be taught not only how to patch, but also the importance of doing it regularly. Linux icon, because its packaging systems makes it sooo much easier than Windows.

2 0
Thursday 12th June 2014 12:14 GMT banjomike

Microsoft blocked it FOUR YEARS ago...

Are there any anti-virus packages which don't block it?

0 0
Thursday 12th June 2014 21:27 GMT Infernoz

Why do many people even use Adobe Reader

Sumatra is so much better for general use and even keeps track of the last page viewed, of many documents, in it's config, so that you can carry on reading where you left off, say after a reboot for Windows cruftdate.

0 0
1. Friday 13th June 2014 17:59 GMT Anonymous Coward
  
  Re: Why do many people even use Adobe Reader
  
  How about it being the last ditch tool to use when Calibre's eReader (I like its cataloging), Tomahawk, Sumatra, Foxit, and the rest here fail to render properly or Adobe specific functions are invoked. BTW, that's very rare and only one with my own collection, not some file that is recent, even from "known" sources. I don't accept mailed files, period. Yeah, I'm a founding member of the T-Foil-Hat Brigade.
  
  0 0