Under the Web

Some interesting things in life and internet

Flaw found in Adobe Acrobat PDF format Allows attacks on personal computers through trusted Web links

Posted by Jackie R. on January 6, 2007

Computer security experts have found a loophole in Adobe Acrobat Reader program that allows hackers or malicious to harm your computers. As pdf files are everywhere in many servers and are trusted by many, hackers can make use of this to carry out their operations by manipulating the weblinks that exist within the pdf files and initiate harmful scripts when you launch the pdf from within your browser.

The flaw appears to target Internet Explorer 6.0 or earlier versions of it and Firefox browser. It is recommended users protect themselves by upgrading IE to latest version or by changing Firefox’s option so that the browser does not use the Acrobat plug-in but launch the pdf file from the native Acrobat Reader in your program list.

Here is the full link of this report: http://www.msnbc.msn.com/id/16464910/ 

Ok, here is how you change the setting for Firefox:

Firefox 2: Go to Tools / Options “Content / File Types” and click the “Manage…” button. Select “PDF” from the list of extensions, or use the ‘Search’ function if you can’t find. Click the “Change Action” button and change the action to “Open them with the Default Application” (Adobe Reader).

Firefox 1.5:: Go to “Downloads / Download Actions” and click the “View & Edit Actions” button. Select “PDF” from the list of extensions or use Search, click the “Change Action” button and change the action to “Open them with the Default Application” (Adobe Reader).

Firefox 1.0.x: Go to “Downloads” and click the “Plugins” button. Uncheck “PDF” from the list of extensions. Next time you click a .pdf file link in Firefox, you will get an “Opening….” dialog box asking what you would like to do with the .pdf file. Choose the option to open with the default application and check the box to do that automatically from now on.

Advertisements

2 Responses to “Flaw found in Adobe Acrobat PDF format Allows attacks on personal computers through trusted Web links”

  1. If I would not be able to upgrading IE (bad internet connection in Asia currently) how would I be able to protect myself if I continue to use IE Ver 6? I’m worried because I read and downloaded a lot of pdf files. Thank you.

  2. Jackie R. said

    Hi, I am not very sure for IE6 as I use Firefox all the time. But I think you can go to Options –> Security tab –> Custom Level –> Scroll down to “Run ActiveX Controls and plugins”, set to “Disable”.
    This is my understanding. Correct me if I am wrong. Thanks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: