Looks to me like its a flaw in the PLUG-IN not the Acrobat Reader
itself. Here plugin should be disabled for the "URI" action.
Go to your folder .....ProgramFileDir\Adobe\Acrobat ver\Reader\plug_ins\
& only leave the PLUGINS that are ONLY FREQUENTLY USED BY U (or
requests a program action withing the program)
Which in my case, i only have the plugins,
EWH32.api
Search*.api
rest....plugins move them to another folder (say:
ProgramFileDir\Adobe\Acrobat ver\plug_ins_disabled\ )
acrobat has grown something BEYOND just a reader into something BIG
with lots of attack vectors since ages.
best security practices ?
-bipin
On 9/13/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
Recently, there has been alot of hype involving backdooring various
web technologies. pdp (arcitect) has done alot of work centered around
this area.
I saw Jeremiah Grossman mention PDF's being "BAD", however, I was
unable to easily locate any practical reasons as to why. I decided to
investigate this a little further.
This article discusses two possible backdoor techniques for Adobe
Acrabat Reader and Professional. It includes proof of concept code and
backdoored PDF documents.
The article can be found here:
http://michaeldaw.org/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless & until there is possibility of direct,
indirect or consequential communication between the two...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
