Design flaws in PDF will lead to Attack by Hackers - Says Experts

Hackers Attack PDF too? ... Read this article.....

A design flaw in Adobe's popular PDF format will quickly be exploited by hackers to install financial malware on users' computers, a security company argued today.

The bug, which is not strictly a security vulnerability but actually part of the PDF specification, was first disclosed by Belgium researcher Didier Stevens last week. Stevens demonstrated how a multistage attack using the PDF specification's "/Launch" function could successfully exploit a fully-patched copy of Adobe Reader.

Unlike other attacks based on rogue PDFs, Stevens' technique does not require an underlying vulnerability in Adobe's Reader or Acrobat, but instead relies on social engineering tactics to dupe users into opening a malicious PDF. In his demo, Stevens used a PDF document containing attack code that he was then able to execute using the /Launch function. Although Reader and Acrobat display a warning when an executable inside a PDF file is launched, Stevens found a way to partially modify the alert to further trick a potential victim into approving the action.

It will be easy for hackers to replicate Stevens' strategy, said Mickey Boodaei, CEO of security company Trusteer, best known for Rapport, a security service that helps online banks, brokerages, and retailers secure customers' desktops.

Boodaei assumes that criminals will be able to replicate the attack -- within days, if they haven't already -- and believes that they will immediately add it to the already-in-place multi-exploit kits that they've hidden on compromised legitimate sites.

Adobe has acknowledged the bug, but has not yet committed to producing a patch to stymie attacks. However, the company has urged users to change Reader's and Acrobat's settings to disable the /Launch function.

In a blog post Tuesday, Adobe Reader group product manager Steve Gottwals recommended that consumers block attacks by unchecking a box marked "Allow opening of non-PDF file attachments with external applications" in the programs' preferences panes. By default, Reader and Acrobat have the box checked, meaning that the behavior Stevens exploited is allowed.

Gottwals also showed how enterprise IT administrators can force users' copies of Reader and Acrobat into the unchecked state by pushing a change to Windows' registry.

Taken from an article By Gregg Keizer

Toshiba 8 GB USB 2.0 Flash Drive