Wednesday, May 5, 2010

Foxit Reader Update Blocks New PDF Attack Tactic

Foxit Reader Update Blocks New PDF Attack Tactic: Foxit Software, the developer of a rival PDF viewer to Adobe's vulnerability-plagued Reader, released an update today that blocks some attacks with a "safe mode" that's switched on by default. Foxit Reader 3.3 for Windows includes what Foxit dubbed "Trust Manager," which blocks all external commands that may be tucked into a PDF document. The new version is designed to stymie some common attack vectors that hackers use when they probe PCs for bugs in the PDF format, or in a viewer application. … Last week, several security companies warned of a major malware campaign that tried to dupe users into opening rigged PDFs that exploited an unpatched design flaw in the PDF format, one attackers could use to infect users of Adobe's and Foxit's software. [Date: 5 May 2010; Source:]