Security Flaw in Trusted Adobe PDF's

Posted on

  • email
  • twitter
  • facebook
  • share this

share this

advertisement
Symantec issued an alert that any Adobe PDF (Portable Document Format) file on the Internet could be used by hackers to run rogue JavaScript on a victimized PC. Cross-site scripting vulnerabilities -- "XSS" for short -- are flaws that trick a user's browser into executing untrusted code, usually with the aim of hijacking the system or stealing passwords. Previously, XSS exploits have been limited to Web servers; in other words, the user has to be duped into visiting a malicious Web site. To deter such attacks, Symantec recommended that enterprises filter JavaScript at the firewall, and that all users consider disabling the Acrobat Reader plug-in within their browser. Inside Firefox 1.5, the latter can be accomplished by selecting Tools|Options|Downloads and clicking the "View & Edit Actions" button. In the resulting dialog, choose "PDF" and click "Change Action." Pick "Open them with the default application option," click "OK" and "Close" and "OK."

via InformationWeek

 

Custom WordPress Design Themes at 99designs.com. Get the most designs for your buck when you start a design project!


Login To Comment

forget your login information?

Become a Member

Not already a part of our community? Sign up to participate in the discussion. It’s free and quick.

Sign Up

Be the first to comment on this article

advertisement

999 E Touhy Ave
Des Plaines, IL 60018

Toll Free: 1.800.817.1518
International: 1.773.628.2779
Fax: 1.773.272.0920
Email: info@websitemagazine.com

Facebook


Twitter