Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe's Reader X Spoils New PDF Attack

Posted by timothy on from the stopped-clock-can-still-be-thrown-with-force dept.

CWmike writes "Gregg Keizer reports that Adobe's Reader X stymied a recent attack campaign, researchers said Thursday. But they're not sure why. 'I don't want to take anything away from Adobe — after all, a win is a win — but this particular exploit appears to be designed with previous versions of Reader in mind,' said Chris Greamo, who heads the security research lab at Invincea. 'What appears to have happened is that the exploit breaks, but we don't have a good sense if the sandbox was able to contain it.' Reader X, an upgrade issued last year, features a 'sandbox' designed to protect users from PDF exploits. Adobe claimed that a recently-addressed bug in Chrome that lets attackers escape the browser's sandbox was not present in Reader X's sandbox code. Google patched that bug, the first to earn the company's top bug bounty of $3,133, three weeks ago. Adobe said Thursday it will would ship its next regular update for Reader on Tuesday, Feb. 8."

13 of 72 comments (clear)

  1. That's just sad. by ChrisMP1 · · Score: 2, Insightful

    PDF reader... sandbox...

    A Document Format that needs a sandbox. I don't have a sandbox around my text editor, nor my PNG viewer, nor my MP3 player... Tell me again, why do we need our document formats to be little programming languages?

    --
    <sig>&nbsp;</sig>
    1. Re:That's just sad. by ChrisMP1 · · Score: 2

      Better question, though off topic - why is Adobe's PDF viewer over 10 MB?

      $ du -h /usr/bin/xpdf.bin
      1.3M /usr/bin/xpdf.bin
      $ du -sh /usr/share/xpdf
      76K /usr/share/xpdf

      --
      <sig>&nbsp;</sig>
    2. Re:That's just sad. by rudy_wayne · · Score: 4, Insightful

      PDF reader... sandbox...

      A Document Format that needs a sandbox. I don't have a sandbox around my text editor, nor my PNG viewer, nor my MP3 player... Tell me again, why do we need our document formats to be little programming languages?

      The problem is Adobe Acrobat Professional, or whatever they call their expensive software for creating PDFs. In order to get people to keep buying new versions they have to keep adding more and more features. Which means that Adobe Reader has to be constantly updated so that it can read PDFs with all those new features. New features equals new bugs and security exploits.

    3. Re:That's just sad. by icebraining · · Score: 4, Informative

      I don't have a sandbox around (...) my PNG viewer

      Microsoft Security Bulletin MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution

      (...) nor my MP3 player

      Winamp MP3 Player Lets Malicious MP3 Files Control the Winamp Mini-browser and Cause Arbitrary HTML Scripts to Be Executed

      --
      Dilbert RSS feed
    4. Re:That's just sad. by ChrisMP1 · · Score: 4, Insightful

      Well, a PDF is supposed to portably appear exactly as it will print. Pretty sure that's not possible with HTML.

      --
      <sig>&nbsp;</sig>
    5. Re:That's just sad. by tepples · · Score: 2

      So, tell me again why you would pay for that instead of just making a web page

      Because popular web browsers' CSS engines still have crap support for paged media, or at least they have such a reputation.

    6. Re:That's just sad. by diegocg · · Score: 2

      Another good question is why a document viewer needs to add a preloader to HKLM\Software\Microsoft\Windows\CurrentVersion\Run.

    7. Re:That's just sad. by v1 · · Score: 4, Insightful

      A Document Format that needs a sandbox. I don't have a sandbox around my text editor, nor my PNG viewer, nor my MP3 player... Tell me again, why do we need our document formats to be little programming languages?

      Any program that interprets untrusted information could benefit from a sandbox. While directly it prevents the interpreted code from explicitly accessing outside its bounds, it also protects the system from bugs in the interpreter that could cause the interpreter itself to perform actions outside its environment.

      Since you mention PNG, I have seen examples of security patches for PNG and TIFF viewers that addressed security problems because it was possible to execute arbitrary code based on a bug in the viewer's interpretation of the picture data. (usually through overflows)

      This came as a surprise to me with TIFF because I thought TIFF was raw uncompressed picture data and that would be immune to interpretation, but that was not the case.

      --
      I work for the Department of Redundancy Department.
    8. Re:That's just sad. by ChunderDownunder · · Score: 2

      Bells and Whistles take up space.

      Also, you're comparing apples and oranges. xpdf is ugly and, last I checked, lacking features. A fairer comparison would be with the flagship open source pdf reader, namely Okular. The file size may still be smaller but remember the Qt/KDE shared libraries it loads.

    9. Re:That's just sad. by ChunderDownunder · · Score: 2

      I use Gnome (haven't been back to KDE since 3.5) but I think Okular is a better document reader. I don't complain about the download size because I accept that a more sophisticated, polished UI brings in a bunch of dependencies that just using X won't provide.

      On Windows, plenty of applications don't using the native Win32 toolkit. As an example, develop using Visual C++, with a toolkit such as MFC? A bunch of libraries need to be distributed with your app, even if the installer hides them under c:\windows. No, they don't come with XP SP3.

      Xpdf uses primitive X11 widgets, not even Gtk+ or the abovementioned Qt. No surprise that it has a small binary size but don't expect it to run natively on wayland! I can think of a number of reasons why Adobe Reader might be considered bloated but comparing its binary size to Xpdf is way down on the list.

    10. Re:That's just sad. by Celarent+Darii · · Score: 2

      Disk usage of the wrapper is hardly a fair measure. Link the size of the dynamic libraries loaded as well. You will see that the amount of memory to run xpdf is much larger than 76k.

      Depends on your system of course.

  2. and people wonder why Flash is Evil by Salvo · · Score: 3, Informative

    The problem is homogeny of the market.
    If every user has the same version of the same PDF reader, an exploit can spread to everyone.
    If an exploit won't affect people using Chrome PDF Viewer, Foxit Reader, gPDF or XPDF or Mac OS X Preview, it severely restricts the effectiveness of the exploit.
    If everyone uses Adobe Reader on Windows, Mac OS X, Linux and mobile devices, an exploit like this can affect everyone.

    While there are 3rd Party implementations of Flash Players, Adobe Flash Player is still ubiquitous. Adobe evolve the "standard" for commercial reasons with every version, leaving 3rd Party implementations behind and incompatible with new versions of the "standard".

  3. Re:Brilliant Adobe Developers by Anonymous Coward · · Score: 2, Informative

    It's not Adobe that was wondering why, it was the researchers at Invincea.

    At least that's what the summary says.