PDF Files A Big Security Risk Says QuickTime Hacker
- 1
- Add a Comment
The British security researcher/hacker Petko Petkov, the man who recently exposed the security flaw in Apple QuickTime, has now announced that Adobe Acrobat PDF files are a way to exploit a machine running Windows.
Petkov has, in the past, published a proof-of-concept exploit code to prove what he has said was true. This time, he refused to do so, as he believes the threat is so great it would be dangerous to show the flaws. The files have become ubiquitous, appearing in a diverse array of user’s machines.
The folks at Symantec seem to believe the claim, as the researcher has been correct more than once before. Adobe has not commented on the problem, while Petkov advises everyone not to open PDF files, period. This strong warning will surely be considered silly by most, but it seems to indicate that the exploit has been ’seen in the wild’.
Further comments revealed that the exploit is reported to work on a fully patched copy of Windows XP SP2 - no mentions were made of whether or not the code can wreak havoc on Vista systems. The flaw runs through all versions of Reader, including the recently released 8.1.
-
Tags: petko petkov, quicktime flaw, symantec, adobe, acrobat, pdf format, windows xp sp2, proof-of-concept
One Comment
exc
April 18th, 2008
at 4:03pm
pdp, has some interesting things, no ?