Homemade PDF Patch Beats Adobe By Two Weeks
CWmike writes "Sourcefire security researcher Lurene Grenier has published a home-brewed patch for the critical Adobe Reader vulnerability that hackers are exploiting in the wild using malicious PDF files, beating Adobe Systems Inc. to the punch by more than two weeks. Grenier posted the patch on Sunday with the caveats that it applies only to the Windows version of Adobe Reader 9.0 and comes with no guarantees. Also, PhishLabs has created a batch file that resets a Windows registry key to de-fang the hack by disabling JavaScript in Adobe Reader 9.0, giving administrators a way to automate the process."
We figured that one out in about five minutes. Wrote a quick group policy file and moved on to the next problem.
When loading a PDF, if Reader sees there's JavaScript that wants to run, Reader pops up a dialog along the lines of, "Hey, this file contains executable code which is, y'know, kind of contrary to the whole concept of a 'document'. Do you want to allow the code to run? [Yes] [[Hell, No]]"
This is the cheesy but mostly effective stopgap solution Microsoft adopted when Word became an infection vector for macro viruses. Unless Microsoft got a patent on it, I don't see any reason why Adobe couldn't also use the same approach.
Schwab
Editor, A1-AAA AmeriCaptions
Seriously, JavaScript? In a PDF file? Why would you do that?
You skip all testing. Just the sort of thing I want to install in my system.
You mean an individual who doesn't have a business to protect or any customers is able to come up with an un-QA'd version faster than the company that produced the product. Amazing!
I'll go for the secret third option, "because she's a feminist". Letting the world know what they find offensive is practically the feminists' national sport. Rather, it would be if they had their own country. And by God, I wish they did.
As anyone who has developed complex software with a large installed userbase can attest to, you /cannot/ simply slap together a fix and push it out to millions of people.
Even the simplest one-line code change requires extensive (if targeted) testing when you operate on that scale - the consequences of an "oops" that could result from a hasty fix could easily get far worse than the original issue.
Lurene Grenier has published a home-brewed patch for the critical Adobe Reader vulnerability ... beating Adobe Systems Inc. to the punch by more than two weeks.
What the fuck Adobe? What did you do for those extra two weeks?
it applies only to the Windows version of Adobe Reader 9.0 and comes with no guarantees.
Oh ... I guess you were trying to make it work on all systems, and checking to make sure that it didn't royally fuck up the user's computer, or introduce another, potentially more serious vulnerability.
Yeah, you're right. It's terrible when people use an apostrophe when they mean "your".
Q: How many feminists does it take to change a lightbulb?
A: That is NOT funny.
Q: How many feminists does it take to change a lightbulb?
A: Four. One to change the lightbulb, three to form a support group.
But really, it's a trick question because feminists can't change anything.