Monday, February 23, 2009

How to handle problems?

2695443721_d6410e65d2_bPretend they don’t exists!

Some time ago I complained about WinPatrol. Today its author published a blogpost badmouthing Adobe because of the recent flaw in Adobe Reader. Myself in turn, posted a comment pointing out that no software is perfect (his included) and furthermore: the advice he gives is partially wrong and leaves people exposed to exploitation.

You see, he recommends for people using his product to disable the Adobe Reader ActiveX. However, all that this does is that it disables the loading of PDF’s in IE. It doesn’t disable it in Firefox and even IE still remains vulnerable, since it will offer you to download and/or open the PDF’s, and the moment you open it (inside or outside of the browser), the shellcode gets a chance to be executed.

And what did he do? Deleted the comment :-)

PS. The correct solution is to disable Javascript (this will kill the current exploit circulating out there not because it is a flaw in JS, but because – probably for convenience – it uses JS) and patch as soon as a patch is available. Also, consider using alternative readers (even though they have their own set of flaws, the probability of them being targeted is lower).

Image taken kennymatic's photostream with permission.

No comments:

Post a Comment