Most of our business here is a poison control hotline. Our agents must frequently run web searches concerning something a client calls in about. (Our "substances" database is pretty extensive, but someone out there may have a local name for a plant which is pretty much used in that caller's location only, for example.) A search returns a promising-looking page which turns out to have an infected PDF on it. The page loads (read, "downloads"), the buffer overflow is initiated, and ka-BOOM - we no longer own that workstation. User sees information on that page, goes about their business, and sometime later is treated to a porno show, gets offers from assorted anti-malware companies, etc.
No, it does not "only mess with other PDFs". The bad PDFs have code that messes with the rest of the OS! -- richard David Lum <[email protected]> 11/04/2011 12:57 PM Please respond to "NT System Admin Issues" <[email protected]> To "NT System Admin Issues" <[email protected]> Press this button if the "To" is a fax number. Enter in the fax number like 123-456-7890. cc Subject So...I need to pitch the Adobe upgrade We have at least 40 users who actually need the full version of Adobe Acrobat and potentially over 200. What I need to do is justify the cost to management and, being security related, means I have to come up with some kind of risk analysis to justify it. Can y?all help me with this? I am not great at thinking about the kinds of Q?s management would ask. ?Adobe has stopped support for version 8 of Adobe Acrobat (Reader, Standard, and Professional) this means they no longer are releasing security updates for this version. Currently we show an installed base of 250 systems which means we have this many systems that will become increasingly vulnerable. What are they vulnerable to? The malware a PDF can carry almost any kind of malware, virus, spyware, etc and is not limited to a ?can only mess with other PDF?s? kind of vulnerability. PDF?s are a *very* common document exchange format, and a PDF file can deliver malware just as easily as visiting a website. In fact, opening a PDF from the Internet is the most likely form of compromise so the odds of compromise go up with each opening of a PDF file. It?s worthy to note many PDF vulnerabilities are operating system agnostic ? Mac and Windows machines are equally vulnerable. Our options are to leave the systems as-is and accept the risk of compromised systems, or to upgrade to the currently supported version of Adobe. In my opinion the potential security risk greatly exceeds the cost of upgrading the necessary systems to Acrobat X Standard which is fully supported with security updates until Nov 15, 2015? David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
