Adobe Reader opens the PC hard drive door for hackers
Experts warned that a new vulnerability discovered in Adobe Reader could allow hackers to access the hard drive on the system that made the mistake.
Initially, security experts only thought that the Adobe Reader security error could only be exploited to steal data related to the web or serve the purpose of online fraud by "implanting" additional malicious JavaScript code. harm into links to PDF files.
However, after conducting a specific investigation, experts from WhiteHat Security and SPI Dynamics now warn that hackers can take advantage of exploiting this error to gain full access to the hard drive. The system uses Adobe Reader software to make mistakes.
Hackers can now no longer need to use a PDF file link on the Internet, but redirect the link to a PDF file directly on the system hard drive. Any barrier that prevents them from accessing the system has been broken.
" This means that any JavaScript code can help hackers gain full access to the system ," warns Billy Hoffman, SPI Dynamics' chief technology engineer. With malicious JavaScript code, hackers can read, delete, execute programs and even send data on the user's hard drive to them.
The above security error arises from the Adobe Reader browser plug-in. This plug-in suite allows you to call links to a PDF file and allows it to be displayed directly in the browser without opening the application, said Jeremiah Grossman, chief technology engineer of WhiteHat Security.
To successfully attack, an attacker must have a malicious link pointing to a PDF file on the network or on the target system. PDF on the Internet is a lot, but it is relatively difficult to find the exact path of a PDF file on a system that is wrong, Grossman said.
Next week there will be a patch
The Adobe representative said the company has confirmed the above error to continue further investigation of the security error. " Based on the information we have today we affirm that the attack capability is relatively low. "
To minimize the risk, Adobe recommends that users recommend that users upgrade to Adobe Reader 8 or disable the feature to enable PDF files directly in the browser.
Meredith Mills, an Adobe System spokesman, said next week Adobe will release the security patch.
Hoang Dung
- Hackers can 'hear' the sound from the hard drive to steal user data remotely
- Toshiba has a hard drive that automatically encrypts data
- Adobe Reader 'piggyback snake bite home
- Google launches a competitive format with Adobe Reader
- Adobe releases Reader 8
- Hackers distribute malicious code to attack Reader, Acrobat
- Adobe Reader has a dangerous ActiveX error
- A 5 TB hard drive will appear in 2013
- High-speed 32 GB Flash hard drive has appeared
- How does the hard drive work?
- 60 years ago how big 5MB hard drive?
- Hard drive capacity will be increased 5 times?