This malicious code is the Executive should be recorded in the PDF-file. User has to run this code (the command launch) - well, and hackers to take advantage of the methods of social engineering. Of course, the computer will ask the user whether he wants to run. However, the risk of infecting your computer is still great - in fact, many users probably do not understand the situation, may press the "Open".
If an infection occurs, will be fatally damaged by all on the hard disk PDF-files. Later, when you try to open them, you will be automatically redirected to a site specified by hackers. At the same time protect against the new scourge impossible to disable JavaScript, or using any other program to read PDF. The reason - the fact that the vulnerability is not in the software, but in the specification of PDF.
Now Adobe and Foxit Software have already researched the problem and seek ways of improving it. However, the company F-Secure notes: according to statistics, almost 61% of hacker attacks account for one single application - Adobe Acrobat Reader. For example, of the 900 attacks, the investigated F-Secure for the first two months of 2010, more than 500 had it on have Adobe for reading PDF-files.
No comments:
Post a Comment