Best Practice to Prevent PDF Attacks
I subscribe to Search Security at Tech Target and receive newsletters from them on a regular basis. It just so happens the one that I received
today had an article about how Enterprise can prevent an attack due to PDF hacks. I just read through the article and found it a very good refresher
on best practices for protecting against any malware spread by using any number of compromised attachments.
It is human nature I guess, that we open attachments from folks we know and unfortunately even some we don't know. Often times these attachments
contain more than we bargained for. Because Adobe is on every computer in the world (ok - maybe an exaggeration) it is a really big target. And
because it is a really big target there are a number of vulnerabilities associated with one component or another. The article from Tech Target states:
"According to McAfee Inc. Avert Labs, as of Q1 2010, malicious malformed
PDF files are now involved with 28% of all malware directly connected to exploits."
Considering the number of different possible attack vectors this 28% is huge. The article goes through some very common sense tips for protecting
your organization. This article though focusing on misused PDF's can be used to protect against other potential attack vectors.
Some may say this is old news and common sense and I won't disagree. But sometimes the old makes things new again.
http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1513908,00.html?track=NL-422&ad=769731&asrc=EM_NLT_11739094&uid=6115703
Deb Hale Long Lines, LLC
Comments
You'll miss out on some multimedia functionality from Adobe 9 that nobody is using but you'll be safer for it! (see Nuance PDF Reader or Acrophobia for just two examples)
Bill
Jun 9th 2010
1 decade ago
See: <a href="http://www.us-cert.gov/cas/techalerts/TA10-159A.html">US-CERT Technical Cyber Security Alert TA10-159A </a>
Another good article for securing Adobe Reader suggests blocking multimedia in documents, blocking the launching of non-PDF attachments from inside a PDF, controlling plug-ins, restricting web sites in Trust Manager, removing Javascript execution privileges from menu items. See this article:
<a href="http://www.techradar.com/news/internet/6-ways-to-protect-your-pc-from-rogue-pdf-files-592099">6 ways to protect your PC from rogue PDF files</a>
IBM_PS2it
Jun 9th 2010
1 decade ago
Paul Ciatto Consultant, Insource Technology
"The postings on this site are my own and don't necessarily represent Insource 's positions, strategies or opinions."
Paul Ciatto
Jun 11th 2010
1 decade ago
Here's a good example: Back in 1998 I helped design and deliver online security training courses taken by over 10,000 employees. But yesterday I read that lax security at this very same company had led to the exposure of over 100,000 high profile customer email addresses. Clearly, security know-how within any organization needs constant reinforcement.
New employees are constantly entering the workforce and need information security awareness training appropriate to their roles and what role in a company today does not require an employee to handle at least some information securely.
Unfortunately, during tough times likes those from which we are now--hopefully--emerging, training and awareness programs tend to be neglected or under-funded. That means the problem of under-trained and under-aware staff will likely get even worse in the coming year as businesses emerging from the recession take on more new staff.
Mike
Jun 15th 2010
1 decade ago