Particularly noteworthy in the
Lurid campaign is the ease with which the perpetrators managed to compromise their victims in the first place: They simply used known
Adobe Reader exploits and malicious screensavers to infect user machines with malicious downloaders, which in turn connected to the hackers' command-and-control servers to await further instructions. As far as payload went,
Trend Micro found that the downloader could install malware as a Windows service. It could also copy itself into the system folder and "ensure persistence by changing the common startup folder in Windows."
Microsoft and Apple both have serious problems with Adobe.
Has Adobe's persistent arrogant disregard for security made it the
Ford Pinto of software?
Here are some alternatives...
PDF Readers (use instead of Adobe Reader)
Flash Players (browser plugins to replace Adobe Shockwave Flash)
SWF, Shockwave, Flash
Labels: adobe, security
0 Comments:
Post a Comment
<< Home