Parks, Raymond wrote: > Either LANL is about six months behind on security updates or they > know something we don't know.
I stand corrected - there is a new 0day for pdf - http://blog.metasploit.com/2009/02/best-defense-is-information.html The patch does not come out until 11 March 2009. This vulnerability affects both versions 8 and 9 of Adobe Reader and Acrobat on all platforms (although exploits in the wild are only for Windows versions). The virus companies are aware and, if you have antivirus, you should update the virus signatures to ensure you won't be affected. Since the vulnerability depends upon javascript being enabled in pdf files, there is a registry hack for Windows which can be applied manually, using reg.exe, or through group policy. The registry hack will cause reader to put up a dialogue and users could undo the fix. If other viewers allow and interpret javascript in pdf files, then they could be vulnerable, but not to the same exploit - it would have to be modified to work with other viewers. -- Ray Parks [email protected] Consilient Heuristician Voice:505-844-4024 ATA Department Mobile:505-238-9359 http://www.sandia.gov/scada Fax:505-844-9641 http://www.sandia.gov/idart Pager:800-690-5288 ============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College lectures, archives, unsubscribe, maps at http://www.friam.org
