iTWire - Microsoft finally admits fault for PDF attacks

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Blog

Technology news and Jobs

Microsoft finally admits fault for PDF attacks

Microsoft finally admits fault for PDF attacks

E-mail

by Stan Beer
Saturday, 27 October 2007
There we were thinking that Adobe was at fault because its Acrobat reader had a vulnerability that exposed users to bad PDF files filled with malwares sent in spam when all along it was yet another vulnerability in Microsoft Windows. Microsoft has belatedly admitted that it's to blame and is working on a fix but for many it may be too late as spam with dodgy PDF files is hitting mailboxes by tens of thousands. Featured Whitepaper 5 Best Practices for Smartphone Support Researchers say the new exploit is particularly dangerous because PDF files, the attack vector, are not filtered at email gateways like .exe files Microsoft security response team member Bill Sisk issued a warning via the Microsoft Response Centre Blog yesterday admitting that applying a security update from Adobe does not fix the vulnerability and Microsoft is working feverishly to patch the flaw. "Third party applications are currently being used as the vector for attack and customers who have applied the security updates available from these vendors are currently protected. However, because the vulnerability mentioned in this advisory is in the Microsoft Windows ShellExecute function, these third party updates do not resolve the vulnerability – they just close an attack vector," wrote Sisk. "As part of our SSIRP process we currently have teams worldwide who are working around the clock to develop an update of appropriate quality for broad distribution. Because ShellExecute is a core part of Windows, our development and testing teams are taking extra care to minimize application compatibility issues." According to Finnish security company, F-Secure , an unknown party has been sending out tens of thousands of mails with subject-lines like: Your credit report; Personal Financial Statement; Your Credit File; and Balance Report. The mails contain no mail body, only an attachment called "report.pdf". When opened, the PDF file uses the CVE-2007-5020 vulnerability via Acrobat Reader and IE7 and downloads further malware from a server in Malaysia. The target of the malware seems to be to create a botnet of infected machines to be used for further malicious activity. F-Secure writes on its site. "We're worried about this case, as PDF attachments are typically not filtered at email gateways", says F-Secure's Chief Research Officer Mikko Hypponen. "Executable files are now stripped almost everywhere, but PDF is stripped almost nowhere". "Also, a security update for Acrobat Reader was just made available few days ago, so there are tons of users who haven't had a chance to update yet". As always, advisors say the best way to protect yourself is not to open dodgy emails. Could another way possibly be to migrate from Windows to something else - say Linux? Tags See All Tags Security Stan Beer Viruses Windows Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

BeerFiles is an in-your-face and sometimes irreverent blog concerning all things to do with IT, technology, people and the media from the point of view of a hard boiled technology journalist and commentator.

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking