Question about .pdf viruses/Adobe exploits

Discussion in 'Tech Talk' started by Drjones, Feb 22, 2010.

  1. Drjones

    Drjones

    Messages:
    6,157
    Likes Received:
    57
    Joined:
    Sep 28, 2002
    Location:
    CA, just outside the United States
    I'm sure you guys have heard about the Adobe/.pdf exploit and the recommendation that you update Adobe Reader to ward off any possible attacks.

    Is this an exploit inherent in Adobe or the .pdf format? More importantly, can this security issue be avoided altogether by using a different .pdf reader such as FoxIt?


    Thanks!
     
  2. 9mmXRAY

    9mmXRAY IDPA MW2 GSSF

    Messages:
    611
    Likes Received:
    0
    Joined:
    Feb 20, 2010
    Location:
    Central Florida

    Its normally an exploited security certificate and binded to the PDF file... using another program will only open up new exploits to you that adobe has solved.

    Think of it like this its a clone. which on the outside looks like a cop... but inside he's just a crook.

    Also remember... You need the windows firewall, Windows defender, an accredited anti-virus software and at least 2 types of accredited Anti-spyware and you should be good to go as long as your updating.

    But even then... things will make it through... thats when you Boot to safe mode and run your Anti-spy/Virus software off network.

    Forgot to add yes you can use an aftermarket firewall software with the windows firewall at the same time as long as nothing conflicts like program access. Both should be setup to allow the same things... but either can prevent if needed.
     
    Last edited: Feb 25, 2010

  3. Drjones

    Drjones

    Messages:
    6,157
    Likes Received:
    57
    Joined:
    Sep 28, 2002
    Location:
    CA, just outside the United States
    Thanks for the info. What brands of anti-virus & anti-spyware do you recommend?
     
  4. 9mmXRAY

    9mmXRAY IDPA MW2 GSSF

    Messages:
    611
    Likes Received:
    0
    Joined:
    Feb 20, 2010
    Location:
    Central Florida

    Well I'll tell you what I use and you can decide what works for you best.

    Currently I use AVG and Adaware... and I use the Windows firewall, windows defender and Zonealarm. I use 2 software firewalls but for a company I would suggest a hardware SonicWall.
     
  5. Drjones

    Drjones

    Messages:
    6,157
    Likes Received:
    57
    Joined:
    Sep 28, 2002
    Location:
    CA, just outside the United States
    Thanks. I've started using AVG's free stuff & like it. What do you think of MalWareBytes?
     
  6. stooxie

    stooxie NRA Life Member

    Messages:
    1,069
    Likes Received:
    4
    Joined:
    Apr 10, 2005
    Location:
    Northern Virginia
    Just like all good virus carriers, some form of automatically executing script is required. With later versions of PDF Adobe added Javascript to the format. That's how a pdf document can open a print dialog when it's opened, or how PDF forms can parse/process typed entries.

    -Stooxie
     
  7. iRenegade

    iRenegade

    Messages:
    283
    Likes Received:
    0
    Joined:
    Jan 14, 2009
    Location:
    NY
    +1 on AVG!
    I also have Spybot working simultaneously.
    I run SpyBlaster first on new installations before installing spyBot and AVG.
    Ran into only one attack a few years ago on XP SP1 that required an external fix while using the AVG/SpyBot combo.
     
  8. Sgt. Schultz

    Sgt. Schultz Annoying Member

    Messages:
    2,197
    Likes Received:
    9
    Joined:
    May 21, 2004
    Location:
    West Columbia, South Carolina
    The free version isn't any good for "real time" protection but it is by far the best anti-malware application I've used for cleaning infected computers.


    .
     
  9. solomansousana

    solomansousana

    Messages:
    1,527
    Likes Received:
    3
    Joined:
    Oct 7, 2007
    Location:
    Hampton, Virginia
    I use NIS 2010, and an alpha shield on my secondary computers, which are all wired and the AS catches everything, period. On my primary desktop, I use a watchguard firewall and just the other day I attempted to open a .pdf file but the firewall prevented it's download, when I sent the file to Norton's community watch, they told me it did indeed have a trojan hidden in it.

    These days, I think in addition to all the software options available, a good hardware firewall should be used.
     
  10. 9mmXRAY

    9mmXRAY IDPA MW2 GSSF

    Messages:
    611
    Likes Received:
    0
    Joined:
    Feb 20, 2010
    Location:
    Central Florida
    I've never used it so I'd refer to the other gentlemans post that some of its tools can be useful?:dunno:

    Honestly in all reality if an attacker targets you and he knows what he's doing... there is really nothing you can do but just be a victim.

    But most malicious virus/spyware out there is just a flat tire compared to a real attack.