Associated Press quoted iDefense on Wednesday as saying that the flaw would allow cyber-intruders to attack personal computers through trusted web links.
"Virtually any website hosting portable document format, or PDF, files are vulnerable to attack," iDefense was quoted as saying.
This morning we got an email from Ken Dunham, director of the Rapid Response Team at iDefense, saying that his outfit may have over-egged the pudding a bit. He said that iDefense has since performed extensive lab tests of various DLL and executable files related to the Adobe PDF vulnerability.
Now it seems that only old versions of IE with Adobe Acrobat 6.X and ancient Firefox with Adobe Acrobat 7.X are vulnerable.
The best way of fixing the problem is to update Adobe Acrobat, he said.
If updating to Adobe Acrobat 8.X was not possible, it was a good idea to remove plugin support for PDF files within the browser, disable JavaScript and configure PDF files to launch the Adobe Acrobat program instead of the plugin.
"While concern is high, due to the widespread use of Adobe products, the impact of this threat is somewhat limited," Dunham admitted.
This would be because the combination of old IE or Firefox and Adobe products is a bit rare, and probably not worth a hacker writing exploit code for. However, for those who have not upgraded, exploitation of this vulnerability was a doddle, he said. µ