PDF Threat!

According to a recent Tech-news-media-blits, Adobe has pushed out a highly critical security update to its Adobe Reader and Acrobat software. The update fixes a highly critical flaw in which code imbedded into a PDF file will be automatically executed.

I have never been a huge fan of Adobe Reader’s excessively long load times and browser instabilities. I have been a longtime user of Foxit Software’s Foxit Reader. Foxit Reader is a much smaller and lighter PDF reader but it does not support all of the latest functionality that is implemented in the newest versions by Adobe. Furthermore, it was also vulnerable to the same recent threats, although Foxit Software was much faster to respond to the threat.

Disclaimer: Foxit Reader is 3rd party software and although it is recommended by this consultant, it is not supported by OIT.

However, this is not the first time that Adobe has needed to fix it’s code, which is another reason to use Foxit Reader.

We recommend to all our users to upgrade to the latest version of Adobe Reader and/or Foxit Reader immediately.

But as of now there is no evidence that any malicious code or trojan has been written to take advantage of the security hole.

Details about the vulnerability and proof-of-concept videos can be found here for the inquiring minds.

“Conficker Worm Could Create World’s Biggest Botnet”

I saw this article on Slashdot today and wanted to warn everyone out there. Nine million infected computers running Microsoft systems is an incredible amount of machines compromised.

Make sure your McAfee Enterprise is up to date and your Windows machine has installed all the latest updates!

As the article states, the worm propagates through un-patched Windows systems and through USB thumb-drives. This means that having a secure system or up-to-date virus protection is NOT ENOUGH! You need a combination of both. This is good computer usage in practice anyway, but we see an incredible amount of un-patched XP and Vista systems come in with virus infections.

What you see when an infected USB-drive is plugged-in

What you see when an infected USB-drive is plugged-in

The above image shows what happens when you plug-in an infected USB-stick into a machine. Notice the “Publisher not Specified,” text in gray under the open option? That should be your first clue right there. Do NOT click on this, as this will launch the virus and infect your computer.

It’s just that little yellow icon in your system tray, that little place with icons by the time in the bottom left. Click – Express Install – Done. It’s really that simple.

For those that are interested, the Microsoft Security Bulletin can be read here.