Slashdot Mirror


Adobe Finally Fixes Remote Launch 0-Day

Trailrunner7 sends in this excerpt from Threatpost (Adobe announcement here): "Adobe today shipped a critical Reader/Acrobat patch to cover a total of 17 documented vulnerabilities that expose Windows, Mac, and Unix users to malicious hacker attacks. The update, which affects Adobe Reader/Acrobat 9.3.2 and earlier versions, includes a fix for the outstanding PDF '/Launch' functionality social engineering attack vector that was disclosed by researcher Didier Stevens. As previously reported, Didier created a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file." Relatedly, Brian Krebs blogs about the downsides of Adobe's increasingly Byzantine update process.
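A defender-side triage check for the '/Launch' action mentioned in the summary, added here as an example (not code from Adobe, Threatpost, Didier Stevens or this thread). It counts /Launch after undoing `#xx` name escapes and inflating Flate streams, two cases a plain byte search misses; the sample bytes are constructed fragments, and the /OpenAction and /AA key names are taken from the PDF specification rather than from this page.

```python
import re
import zlib
from collections import Counter

# PDF names start with "/" and may hex-escape any byte as #xx, so "/L#61unch"
# is the same name as "/Launch". Match the raw token, then decode it.
_NAME_RE = re.compile(rb"/((?:#[0-9A-Fa-f]{2}|[^\x00\t\n\x0c\r ()<>\[\]{}/%#])+)")
_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)

# /Launch is the action type from the article. /OpenAction and /AA are the
# PDF-spec keys that fire an action automatically (assumption: counted here so
# a reviewer can see whether any automatic trigger exists in the file).
WATCHED = ("Launch", "OpenAction", "AA")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes in a PDF name token (given without the leading slash)."""
    return _ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def scan_pdf(data: bytes) -> dict:
    """Count watched names in the file body and inside Flate-compressed streams."""
    # Scan the body with stream payloads blanked, so compressed bytes cannot
    # produce accidental matches, then scan each payload that inflates.
    layers = [_STREAM_RE.sub(b"stream\nendstream", data)]
    inflated = 0
    for m in _STREAM_RE.finditer(data):
        try:
            layers.append(zlib.decompressobj().decompress(m.group(1)))
            inflated += 1
        except zlib.error:
            continue  # not Flate data; other filters are out of scope here
    counts = Counter()
    for layer in layers:
        for m in _NAME_RE.finditer(layer):
            name = decode_name(m.group(1))
            if name in WATCHED:
                counts[name] += 1
    result = {name: counts[name] for name in WATCHED}
    result["streams_inflated"] = inflated
    return result


# Constructed fragments (not valid, openable PDFs): just enough syntax to scan.
SAMPLE_PLAIN = b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
SAMPLE_ESCAPED = (b"1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
                  b"3 0 obj << /Type /Action /S /L#61unch >> endobj\n")
_packed = zlib.compress(b"<< /Type /Action /S /Launch >>")
SAMPLE_COMPRESSED = (b"5 0 obj << /Type /ObjStm /Filter /FlateDecode /Length "
                     + str(len(_packed)).encode() + b" >>\nstream\n" + _packed
                     + b"\nendstream\nendobj\n")

if __name__ == "__main__":
    for label, blob in (("plain", SAMPLE_PLAIN), ("escaped", SAMPLE_ESCAPED),
                        ("compressed", SAMPLE_COMPRESSED)):
        # Second column: what a naive byte search would have reported.
        print(label, b"/Launch" in blob, scan_pdf(blob))
```

Encrypted files and stream filters other than Flate are not inspected, so a zero count on such a file means "not examined", not "absent".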

82 comments

  1. It's not a 0-day anymore.... by snowraver1 · · Score: 4, Insightful

    Why is every unpatched exploit a 0-day attack? Wouldn't this be more like a multi-month exploit?

    --
    Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
    1. Re:It's not a 0-day anymore.... by spazdor · · Score: 1

      I logged in to ask exactly this.

      If a company patches 0-day exploits, their dev team is really on top of shit.

      --
      DRM: Terminator crops for your mind!
    2. Re:It's not a 0-day anymore.... by Darkness404 · · Score: 3, Informative

      Because it's an attack out in the wild that the developers didn't know about and before a patch can be shipped.

      --
      Taxation is legalized theft, no more, no less.
    3. Re:It's not a 0-day anymore.... by Monkeedude1212 · · Score: 1

      If a company patches 0-day exploits, their dev team is really on top of shit.

      Or bumbling GENIUSES. Since the definition of a 0-day exploit is a vulnerability the developers don't know about.

    4. Re:It's not a 0-day anymore.... by Anonymous Coward · · Score: 0

      IIRC, the /Launch functionality was in the PDF specification. So that would make this a "multi-year" or "was-there-all-the-time-just-no-one-cared-until-recently" vuln.

    5. Re:It's not a 0-day anymore.... by vawarayer · · Score: 5, Funny

      Details in the PDF file attached to this e-mail.

    6. Re:It's not a 0-day anymore.... by spazdor · · Score: 1

      Nah, 0-day remains 0-day throughout the first ("zeroth") day in which it's released. So if the devs can get a patch out the door the same day that the exploit is first disclosed in public, it counts.

      --
      DRM: Terminator crops for your mind!
    7. Re:It's not a 0-day anymore.... by Jacked · · Score: 0, Redundant

      I thought that was pretty funny. I don't have any mod points, so I'll just leave this reply, instead.

    8. Re:It's not a 0-day anymore.... by Skuld-Chan · · Score: 3, Informative

      The difference is how much warning you get. Most of the security bugs Adobe fixes are found internally (you'll never hear about those - unless it greatly affects product functionality), and even those told to them externally by 3rd party researchers they usually get a several month lead time.

      Zero day bugs are where some guy says "surprise look what I found" on his blog without any warning despite how long a bug takes to fix.

    9. Re:It's not a 0-day anymore.... by TangoMargarine · · Score: 1

      Yes, I wish every exploit could just be called an exploit (sans "zero day" in front of everything) unless it's specifically 1) a vulnerability the company has chosen not to fix, or 2) a vulnerability some guy somewhere knew about but hadn't used in order to keep it valuable. It's like if we were to start calling Microsoft Office "Microsoft Office for Windows" incessantly. It's assumed, unless you're specifically on a Mac or running it in WINE or something.

      I'm pretty sure. Amiright?

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    10. Re:It's not a 0-day anymore.... by Monkeedude1212 · · Score: 1

      I don't know of any company that has managed to do that though. In most cases, they are aware of the exploit at least a day before patching it. I mean, I can't imagine finding a solution, implementing it, and fully testing it in under 24 hours. I CAN imagine finding a solution, implementing it, and pushing it out, but that's dangerous.

    11. Re:It's not a 0-day anymore.... by tomhudson · · Score: 2, Informative

      Not so hard to do with web platforms, where "pushing it out" means changing a file or two on a server.

      Of course, we've seen (here on slashdot) what happens when you try to do that too often ... but most of us have probably been in a situation where we're told to shell into the box and manually edit a file "right now!!!" with a best-guess way to stop something from being a problem, even if it's only to disable certain functionality temporarily while you work out a real fix.

    12. Re:It's not a 0-day anymore.... by grcumb · · Score: 3, Informative

      Zero day bugs are where some guy says "surprise look what I found" on his blog without any warning despite how long a bug takes to fix.

      No, zero-day exploits are... (wait for it) actively exploited in the wild before the first 'look what I found' ever appears.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    13. Re:It's not a 0-day anymore.... by Skuld-Chan · · Score: 1

      Isn't that kinda what I said?

    14. Re:It's not a 0-day anymore.... by Anonymous Coward · · Score: 0

      that is evil

    15. Re:It's not a 0-day anymore.... by lennier · · Score: 2, Insightful

      Nope. Exploitation and disclosure are two completely different things.

      If you've found an unpatched exploit and you're a black hat, are you going to blog to the whole world about it? Or quietly add it to your botnet kit without telling anyone?

      If the second, it's a 0-day. No warning, no defense, no lead time, just blam, click the wrong web page, read the wrong email, or open the wrong PDF and you're rooted without knowing it.

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
    16. Re:It's not a 0-day anymore.... by grcumb · · Score: 1

      Isn't that kinda what I said?

      No, that's kinda what you implied, but you left the door open for people to infer that you also meant that a zero-day was when a researcher announced a potential exploit without warning anyone else.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    17. Re:It's not a 0-day anymore.... by tanikaray24 · · Score: 0, Troll

      Thank you all so much for your comments and support http://www.baiyokefactory.com/

    18. Re:It's not a 0-day anymore.... by mcgrew · · Score: 1

      When I got up this morning and fired up the little netbook, I got a message saying that Adobe had an update -- but the thing wasn't even on the internet; there were no local wifi signals this morning.

      I wonder if it's really the patch, or if the Adobe bug let someone in my box? I dread internet security updates, and wish that, with software I've paid for at least (not free stuff like PDF readers) they'd snail mail a CD to me.

  2. Another PDF reader by Anonymous Coward · · Score: 1, Informative

    Missing from the summary is gsview. It makes a very secure pdf reader that works on windows, although it certainly isn't anything nice to look at. Uses ghostscript for the backend.

  3. Re:Still I don't know by The+MAZZTer · · Score: 2, Funny

    At first I thought you were just clueless, then I realized you were just a troll, now I'm just confused.

  4. The Microsoft Word of PDF viewers by MacCoder · · Score: 5, Informative

    For the 90% of us who don't require all the minutiae of functionality and cruft which Adobe Reader offers, there are options. Obviously Mac folk are covered by Apple's built in Preview, but on Windows, Sumatra PDF is amazing and ridiculously small. It's better than Foxit, in my opinion, for barebones PDF viewing in Windows. Check it out! http://blog.kowalczyk.info/software/sumatrapdf/index.html

    1. Re:The Microsoft Word of PDF viewers by MobileTatsu-NJG · · Score: 1

      Seconded. I use a portable version of it found at portableapps.com. We've found that to be friendly at places that don't let you have admin access to your machine for things like installs.

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

    2. Re:The Microsoft Word of PDF viewers by FinchWorld · · Score: 1

      I've always had issues with Sumatra: it seems to render some datasheets incorrectly, every now and again it'll consume 100MB+ RAM, though that goes away when closing and reopening PDFs, but most annoying is it'll happily stretch and print landscape documents on portrait (though you told it not to) and create several-megabyte files to send to the Xerox (which it really doesn't like).

      I'm having better luck with Foxit, even if it isn't as lightweight.

      --
      "I may be full of crap about this game, and I may be wrong, and that's fine." -Jack Thompson
    3. Re:The Microsoft Word of PDF viewers by lgw · · Score: 3, Interesting

      Sadly, my employer has chosen a payroll provider (ADP) that requires Adobe Reader specifically to view paystubs. Foxit won't work, nor will any of the other options (apparently Acrobat has some stupid web toolbar option that's beyond PDF). Why would anyone do that? Now when I need to see my paystub I have to download 200MB of Adobe cruft, then later uninstall it along with Adobe Download Manager and a bunch of other crap that Adobe stuffs in along the way. Man, I hate Adobe these days.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    4. Re:The Microsoft Word of PDF viewers by glwtta · · Score: 1

      I'm not seeing how it's better than Foxit. Rendering seems to be slower, for one thing. And the minimalist tool bar is great and everything, but having the zoom control buttons accessible in one click is handy (or to put it another way, hiding them in a menu is annoying). No tabs, either.

      --
      sic transit gloria mundi
    5. Re:The Microsoft Word of PDF viewers by laptop006 · · Score: 1

      Mine uses ADP as well, but Evince on Linux works fine for me.

      --
      /* FUCK - The F-word is here so that you can grep for it */
    6. Re:The Microsoft Word of PDF viewers by Zadaz · · Score: 1

      Ever since Google put a PDF reader in Chrome it's been all I need for most things. Simple, fast, no cruft.

      (To use it you need the dev version of Chrome. To enable it go to chrome://plugins/ and click on "Enable" for the "Chrome PDF Viewer" plug-in.)

    7. Re:The Microsoft Word of PDF viewers by tehcyder · · Score: 1

      Wouldn't it be easier just to get them to print it out and post (snail mail) it to you?

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    8. Re:The Microsoft Word of PDF viewers by lgw · · Score: 1

      That doesn't seem to be an option. Having them printed out and sent to the receptionist for hand distribution didn't fill me with joy.

      --
      Socialism: a lie told by totalitarians and believed by fools.
  5. Re:Still I don't know by xie · · Score: 2, Informative

    You would have to be running a pre-10.1 version of Flash first. Then the exploit would have to force your system to execute code that was written for *nix. Since Windows is the majority of the market I doubt anyone has taken the time to write such code for this exploit. I think you're safe. :)

  6. Re:Still I don't know by s122604 · · Score: 0, Troll

    Clueless (about this), not a troll, I truly just don't know.

    If I have flash plugins installed, but not acrobat, and I did my browsing in an account without admin privileges, how vulnerable would I have been?
    If you can't answer, perhaps you are clueless as well?

  7. I Uninstalled Adobe Reader by puppetman · · Score: 1

    after reading the summary and the Brian Krebs blog. I realized that Adobe is shipping a buggy, risky piece of software.

    I installed Foxit Reader (minus the Ask.com search bar).

    It seems much snappier, and is significantly smaller.

    1. Re:I Uninstalled Adobe Reader by Skuld-Chan · · Score: 3, Informative

      It's not like Foxit is completely without security flaws either.

    2. Re:I Uninstalled Adobe Reader by Skuld-Chan · · Score: 4, Informative

      And doing just a bit of research - Foxit only fixed this exact same bug 2 weeks earlier than Adobe.

    3. Re:I Uninstalled Adobe Reader by Anonymous Coward · · Score: 0

      The Krebs article has several inaccuracies, at least for 9.x (can't remember for 8.x):

      - There is no need to update from the Adobe web site unless you're upgrading major versions. Acrobat.com is a trivial opt-out (wish it was opt-in instead, but no way would Adobe do that). I don't know of any way to apply patches (MSP files) like 9.3.3 via the Adobe web site, except by navigating (eventually) to the list of available downloads, which few end-users would ever need to do.

      - I don't recall any check for a "security scanner or a toolbar", and I would know if I were forced to install that crap, because I despise that kind of thing. I assume it was an easy opt-out at worst.

      - The user doesn't have to download the Adobe Download Manager. It is installed with any "full" installation of Adobe Reader, and it updates itself automatically when run.

      - Adobe provides the software for free, and he wants to bitch about ads in the new Updater? I don't like the ads either, but it's not unreasonable for a commercial company to try to get some business off a free product. It's not like they pop-up in the middle of reading a PDF, it's just during an update (although guaranteed to be frequent due to all the security problems).

      - He's right that Adobe Reader is at 9.3.0, but he's wrong about needing one update for 9.3.3. It actually needs two patches, because the 9.3.3 patch only installs over 9.3.2. So the 9.3.2 patch must be applied first (it installs over 9.3.0 & 9.3.1). The new Updater might streamline that now, but it hasn't been able to do so in the past.

      - The user doesn't have to wait "a minute or two for the Reader Update icon to appear in the Windows taskbar". The user can easily check for updates via a menu entry, just like current versions of Firefox, FileZilla, and a host of other apps. If they don't, the Updater will remind them (from the taskbar), unless the user has disabled update checking.

      He's right to complain about the reboots, though. It's basically a file viewer - patches shouldn't require a reboot unless some plug-in portion of it is loaded in a browser or other running application. The reboot requirement is ridiculous.

      Some of his other complaints are reasonable, but if Krebs is this sloppy with something as simple as Adobe Reader patches, I think I'll be skipping his blog.

      - T

      P.S.: The captcha was "rectum". No shit.

    4. Re:I Uninstalled Adobe Reader by ozphx · · Score: 1

      I did this. I also uninstalled Java after getting pwned by that crap that breaks out the sandbox and manages to set your proxy to loopback before crapping on about all the "viruses" you are infected with.

      Seriously only going to use addins that run in-process now - at least I slightly trust the CreateRestrictedToken API that IE8/Chrome use for tab processes.

      --
      3laws: No freebies, no backsies, GTFO.
  8. Re:Still I don't know by Anonymous Coward · · Score: 1, Insightful

    Don't get fooled into thinking a non-admin account is safe. Sure, unless you're root they probably can't set up a mail server, but check out all the files in your Documents directory. See anything that has financial information? Maybe a password list (encrypted or not)? How about email, do you store it on your computer? Do you use your browser to access any useful websites like email or banking sites? If you create a dummy account with highly restricted access (i.e., you know what you're doing) you can protect yourself pretty well. Running a VM you never use for anything important is even better. Being complacent and thinking they'll never write a virus for Linux is a recipe for disaster (Google Gentoo malware, Unreal IRC malware, etc. and see how malware made it into REPOSITORIES let alone can be installed as a trojan).

  9. Re:Still I don't know by Teun · · Score: 1

    You are clueless, what does Flash have, except the brand name Adobe, in common with Acrobat Reader?

    Anyhow, would this have been a Flash vulnerability it could have affected the account you work in.

    --
    "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
  10. Re:Still I don't know by sitharus · · Score: 1

    As this is an issue in Adobe Acrobat and Adobe Reader and you don't have either of them installed, you're not affected by this bug. It's very hard for software you don't have installed to cause problems.

    There are other bugs in Flash though, they may cause problems, but this isn't one of them.

    --
    --sitharus
  11. Re:Still I don't know by Teun · · Score: 1

    Doh! What does an Acrobat Reader vulnerability have to do with Flash?

    --
    "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
  12. Thanks, but no thanks. by mapuche · · Score: 1

    Thanks for the link. Comparing some documents side by side between Foxit and SumatraPDF, Sumatra rendering has some issues with gamma and images. Text rendering is a little better in Foxit. I can live with the yellow blank starting page, though.

    1. Re:Thanks, but no thanks. by drinkypoo · · Score: 1

      SumatraPDF fills a nice niche. If you hardly ever use Windows, it is sufficient for most purposes (occasional PDF viewing.) I have three windows systems which I use for gaming and stuff like that (e.g. a netbook which runs streets and trips; there's no good Linux navigation software.) They all have SumatraPDF and I've never been unable to read anything I've opened with.

      It has long since gotten to the point where PDF is easier to deal with on Linux than Windows. Especially since if you really have to, you can run acroread, but there are so many valid competitors that I haven't needed to in years.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  13. Re:Still I don't know by Monkeedude1212 · · Score: 1

    I have used my ubuntu machine at home to look at several questionable flash based websites in the last few weeks

    Well... Umm... You see, this fix has nothing to do with Flash, it's entirely in Adobe Reader...

    But... Perhaps you should do a scan just in case. I'm not sure how questionable the sites you visit actually are, but if they are half as questionable as the sites I visit, you probably caught Erectile Dysfunction or something from just looking at it.

  14. MSP installer by darthservo · · Score: 4, Informative

    The MSP Installer is also available for those who may use Adobe Reader in silent installs/updates.

    Side rant: Why does Adobe still only offer the unpatched versions of Reader on their front page?

    --

    Prove it.

    1. Re:MSP installer by jo42 · · Score: 1

      In the past, we delivered Adobe Reader updates as full installers or patches (for instance, 9.x = full installer, 9.x.y = patch). The Adobe Reader Download Center at http://get.adobe.com/reader always offers the most recent full installer of Adobe Reader, which is currently Adobe Reader 9.3. After installation, the Adobe Reader Updater will automatically check and offer the latest patches to keep end-users up-to-date (as of today, the latest patch is Adobe Reader 9.3.3).

      What a bunch of incompetent ass clowns. They can't even offer up a downloaded-able 9.3.3 install yet. You have to do it in two stages. If I was running the show, the people that crapped out this dung-pile would be looking for work tomorrow morning.

    2. Re:MSP installer by Jesus_666 · · Score: 1

      What do you expect? This is Adobe we're talking about. Their name has been translating to "half-assed software development" for the last couple years.

      --
      USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
    3. Re:MSP installer by Anonymous Coward · · Score: 0

      Can't? Or won't, so that you have to install their "Download Center", "Reader Updater" and all that other unnecessary crap?

  15. Re:Still I don't know by lgw · · Score: 3, Informative

    Apparently, the same vulnerability existed in both products (Flash was patched a couple of weeks ago). I'm not sure how that works - I thought this was the vulnerability inherent in the PDF spec (Foxit had a patch out the same week this was disclosed).

    --
    Socialism: a lie told by totalitarians and believed by fools.
  16. :( multi-step update by Arakageeta · · Score: 1

    Ugh. I just updated on my Mac running 10.6.4. It looks like Adobe is still distributing Reader 9.3.0 as the default distribution package. I had to download/install this version and then apply individual patches for 9.3.1, 9.3.2, and finally 9.3.3. Annoying.

    Perhaps it would have been easier had I updated from within Reader?

  17. is this distributed through windows update? by Anonymous Coward · · Score: 1, Funny

    is it? oh shit

  18. Was it ever a 0-day? by SanityInAnarchy · · Score: 1

    I only saw a proof-of-concept. Have people actually been exploiting this?

    --
    Don't thank God, thank a doctor!
    1. Re:Was it ever a 0-day? by drinkypoo · · Score: 1

      I only saw a proof-of-concept. Have people actually been exploiting this?

      Further, there are 24 hours from first disclosure to the end of when you can call it a Zero-day exploit. But I think that you still get to call it a Zero-day exploit after days have passed.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:Was it ever a 0-day? by chrisG23 · · Score: 1

      Yes. If you do a google search for CVE-1297 (going from memory here, the CVE number might be off (CVE's are the numbering scheme used by the Mitre organization. One of the things they do is publish details on exploits/vulnerabilities as they happen, and security people use them as a reference point)) zero day you will find some analysis that was done on a pdf found in the wild.

  19. Re:Still I don't know by s122604 · · Score: 1

    Thank you for the kind explanation

    I still don't understand why I was modded down to troll, twice
    my question wasn't intended to offend/inflame anyone, but apparently it did

  20. Re:I don't get it... by colinrichardday · · Score: 1

    I didn't see any MathML tests, and Firefox supports MathML rather well.

  21. Worse on 10.5.8/PPC by Ilgaz · · Score: 1

    This time, whatever these idiots did, the jump from 9.3.0 to 9.3.3 doesn't work at all. It may have something to do with the idiotic "repair adobe pdf viewer" plugin dialogue, which has no title and opens at background, unclickable.

    Idiots (hopefully they read) still install Adobe Updater to Utilities but they were lazy to feed it with data so, the dedicated (and working) Updater doesn't work too. Of course, it is still added to launchd per user schedule.

    Man how worse you can get? I mean, I am not like those "Use Preview" guys, I actually hate that Quartz shell and I am in process of uninstalling all traces of Acrobat on my entire network for the first time since 1994. You should be glad you run Intel Mac, I actually have 10.4.11 and "Classic" emulating capability. Just yesterday, I launched the Classic/Adobe Reader (5) and was ashamed on behalf of them. That was some real cool, quality software on Mac it seems.

    A user uninstalling and giving up Adobe Reader for the first time since 1994, I hope they will lay off Apple/Mac developer team first while going down.

    Thank God Apple has some kind of X11 and I actually plan to use kpdf or even xpdf on this Mac Mini which has special needs (connected to 720P).

    IMHO they should pray Steve Jobs doesn't have Adobe Reader on his system.

  22. Downloads Adobe Reader 8.2.3 update by Anonymous Coward · · Score: 0
  23. It is 0 day but Adobe isn't sane so... by Ilgaz · · Score: 1

    Normally, a "0 day attack" accompanied with some black background, text like html page occuring means

    1) Company doesn't take it serious and demonstrates their own case or explains why it is non issue for 99.9% (of course, add to fix list)

    2) Company takes it serious (sends out an emergency hotfix which may remove functionality and not very tested but, it works until real thing ships)

    As Adobe took it serious but didn't ship a God damn ".bat" file (yes, ms-dos .bat is enough) to remove the component which isn't actually used you got confused.

    It is indeed a 0 day but, Adobe isn't a sane company anymore.

  24. Thanks for the fix, adobe by eudaemon · · Score: 0, Offtopic

    I appreciate they probably had some QA to do in order to release this puppy and it took a while, but I loaded Evince, un-installed flash and called it a day. If you can't see it on youtube using their HTML 5 beta then that's a real good time to boot up Linux even if it's just in Xen or Oracle/Sun Virtualbox running on Windows. It works just fine for web browsing and less zero day exploits.

  25. Re:Still I don't know by LordLimecat · · Score: 1

    Sure, unless you're root they probably can't set up a mail server,

    Why's that exactly? Does opening sockets require admin now?

  26. Re:Still I don't know by Dog-Cow · · Score: 1

    In Unix, for port 25? Yes.

  27. Horray! by Zadaz · · Score: 1

    It's been nearly a week since I updated Reader! About time for another download install and unnecessary reboot!

    Every single time Reader/Acrobat updates it resets itself as the default viewer. That's completely inappropriate behavior, especially for a 'security update'. (And no, I can't uninstall it. Job requires proofing PDF in Reader just like all my poor clients.)

    I saw/overheard this in a bar recently (seriously):
    Girl: So where do you work?
    Guy: Adobe.
    Girl: Oh yeah, you're the guys always asking me to update and reboot. *walks away*

    1. Re:Horray! by Tteddo · · Score: 1

      Hah! I had a client tell me about a problem with the font size on their website (it's already dynamic, set at 1em). His proof was that the person that complained worked for Adobe. Yeah, you know that Reader thing that bugs you all the time? That's Adobe.

  28. Adobe, stop forcing restarts by scdeimos · · Score: 1

    When using ExitWindowsEx() at the end of your patch install, don't use the damned EWX_FORCE flag. It doesn't even give users enough time to respond to the "Save? Yes/No/Cancel" dialogs popping-up before the applications are kill -9'd and users lose all their unsaved data.

    1. Re:Adobe, stop forcing restarts by butlerm · · Score: 1

      If the Windows developers had a clue, they would make it so that application developers could update their software without requiring a reboot much of the time. Reboot intervals should be measured in years, not hours.

      The Windows mandatory file locking scheme is brain damaged. Windows filesystems need to support a mode where a file can be replaced (Unix style) without disturbing people who currently have a file open for read only access (like running executables, for example).

  29. Re:Still I don't know by Tim+C · · Score: 1

    But since when did a botnet node's mail server have to listen on port 25?

  30. Re:Still I don't know by Achromatic1978 · · Score: 1

    Why would a botnet node be running a mail server?

    For spam, it could receive encrypted email through an RPC or other socket, and run an SMTP client.

    Seriously, I think the first RBL check 99% of mail servers out there do is for "is originating SMTP server on a dynamic or residential connection".

  31. Re:Still I don't know by chill · · Score: 1

    As this is an issue in Adobe Acrobat and Adobe Reader and you don't have either of them installed, you're not affected by this bug.

    Would that this were so. One of the issues was with the PDF spec itself. Other PDF tools, such as Fox-It, were affected as well and patched recently.

    --
    Learning HOW to think is more important than learning WHAT to think.
  32. Re:Still I don't know by ThatsNotPudding · · Score: 1

    Apparently, the same vulnerability existed in both products (Flash was patched a couple of weeks ago). I'm not sure how that works

    Because both were built upon the same solid Adobe bedrock of swiss cheese, spaghetti code, and apathy.

  33. About freakin time by hesaigo999ca · · Score: 1

    It's about time, however there are still a few more exploits that have not been addressed....until these have been fixed too, I am sticking to Foxit PDF reader....

  34. Re:Still I don't know by Anonymous Coward · · Score: 0

    Apparently you aren't as smart as you think you are, asshole

  35. Re:Still I don't know by mcgrew · · Score: 1

    He's trying to be funny. Not sure if he's succeeding (I was up late last night and my cerebral cortex is malfunctioning this morning).

  36. Re:Still I don't know by mcgrew · · Score: 1

    Check your email, I'm sure you can find some cheap v1agra.

  37. Re:Still I don't know by lgw · · Score: 1

    I think it's mostly the apathy. PDF was really great when it was new, and really was a page description format not a web portal. Far better than sending ps files to the printer when it took 10 minutes per page just to send the bits. Adobe pisses me off so much because they used to be genuinely innovative and useful.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  38. Any good reader for Win98? by UBfusion · · Score: 1

    Thanks for bringing up Sumatra - do you happen to know any good pdf viewer for windows 98? (I tried Foxit 2.x but it's buggy as hell in win98).