Home > Cloud Computing > Cloud Security

Adobe temporary vulnerability fix

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Reposted from mysterious Xiaoqiang & 1943

Recently, a zero-day Adobe Acrobat Reader vulnerability discovered by foreign researchers has become the target of hacker attacks. According to Dr. Shi Xiaohong, a security expert of 360, some specially crafted malicious PDF documents have already appeared on the Internet in the United States and other countries. Once a netizen opens such documents, the computer will automatically run Remote Control-type Ghost Trojans to become "bots" that allow hackers to remotely control ". Since Microsoft and Adobe have not released patches, the 360 security center provides users with temporary solutions.

According to the analysis by 360 security experts, the zero-day vulnerability of Adobe Acrobat Reader affects all versions between 8.1.0 and 9.0.0. It is triggered by the built-in JavaScript function of the software. If you enable Acrobat JavaScript by default, as long as a malicious PDF file is opened, the attacker will launch an alert. The security vendors outside China have issued an alert and named the existing samples TROJ_PIDIEF.IN and Trojan respectively. pidief. e. Since Adobe has not yet revealed the release date of the patch, hackers will inevitably spread the trojan virus in the vacuum period before the vulnerability is fixed. This attack trend is spreading worldwide, 360 security center for this urgent release of temporary repair tools, please download the use of timely (Repair Tool http://down.360safe.com/360pdffix.exe ).

Adobe Acrobat Reader is a very popular office software, which is more common in local networks of enterprises and institutions. The Ghost Trojan function is similar to the well-known "gray pigeon ", in China, it is an important tool for the trojan industry to set up a "botnet". It can steal all kinds of information in computers, steal online banking assets, control cameras, microphones, and other hardware peripherals, it also initiates active attacks against other computers on the network, which poses a great threat to enterprises, institutions, and campus networks. It is reported that some companies that pay special attention to information security have manually disabled the JavaScript function of Adobe Acrobat Reader to avoid attacks.

<

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More