Wednesday, January 10, 2007

Happy New Month of Apple Bugs.

For many, the Portable Document Format (PDF) has become the de-facto standard for exchanging documents. In using PDFs, some wish to sidestep the risks of malware-prone Microsoft Office documents. But with the announcement of six new PDF-related vulnerabilities in several security forums last week, we should all now be more careful with PDFs.
The first five of these new vulnerabilities have to do with the Adobe Reader plugin. Attacks that exploit these flaws may result in one of more of these results: HTTP-response splitting, cross-site scripting, session forgery, session riding, denial of service, memory corruption, or code execution. This scary list of attack results notwithstanding, a user would have to open a malicious web URL for an attack to occur. Adobe has issued Adobe Reader 8 that remedies these flaws. The sixth new PDF vulnerability is also the sixth of the Month of Apple Bugs (MoAB) installment. If a malicious PDF document crafted to exploit this flaw were opened by a user, it would corrupt memory and could lead to code execution. I predicted in DataNews and also the EICAR newsletter one year ago already that problems like these would arise. Let's see what the New Year will give us concerning other Malware problems.
Let's see as well what the next days will give us ... ah, the yearly 'NOXS New Year diner' is something for tomorrow... I'll hope we don't have an outbreak of something at that moment.