Adobe Reader Security Issue Found

McAfee has discovered a vulnerability in Adobe’s Reader program that allows people to track the usage of a PDF file.

“Recently, we detected some unusual PDF samples,” McAfee’s Haifei Li said in a blog post. “After some investigation, we successfully identified that the samples are exploiting an unpatched security issue in every version of Adobe Reader.”

The affected versions of Adobe Reader also include the latest “sandboxed” Reader XI (11.0.2).

McAfee said that the issue is not a “serious problem” because it doesn’t enable code execution, however it does permit the sender to see when and where a PDF file has been opened.

This vulnerability could only be dangerous if hackers exploited it to collect sensitive information such as IP address, internet service provider (ISP), or even the victim’s computing routine to eventually launch an advanced persistent threat (APT).

McAfee said that it is unsure who is exploiting this issue or why, but have found the PDFs to be delivered by an “email tracking service” provider.

The vulnerability works when a specific PDF JavaScript API is called with the first parameter having a UNC-located resource.

“Adobe Reader will access that UNC resource. However, this action is normally blocked and creates a warning dialog,” Li said. “The danger is that if the second parameter is provided with a special value, it changes the API’s behavior. In this situation, if the UNC resource exists, we see the warning dialog.

“However, if the UNC resource does not exist, the warning dialog will not appear even though the TCP traffic has already gone.”

McAfee said that it has reported the issue to Adobe and is waiting for their confirmation and a future patch. Adobe wasn’t immediately available for comment at the time of writing.

“In addition, our analysis suggests that more information could be collected by calling various PDF Javascript APIs. For example, the document’s location on the system could be obtained by calling the Javascript “this.path” value,” Li added.

Source

Google Pressuring Developers

Google Inc has been leaning on applications and mobile game developers to use its more expensive in-house payment service, Google Wallet, as the Internet search giant tries to copy the financial success of Apple Inc’s iOS platform.

Google warned several developers in recent months that if they continued to use other payment methods – such as PayPal, Zong and Boku – their apps would be removed from Android Market, now known as Google Play, according to developers, executives and investors in mobile gaming and payment sectors.

Developers say the Internet search giant is trying to simplify consumer payments, hoping apps-buying will rise and offset their higher costs. Google’s payment service charges a higher cut per transaction than some rivals’. But the move also suggests Google is using its powerful position in the mobile apps market to promote an in-house offering.

“Although this move by Google might seem high-handed, it reduces the friction for purchases inside Android apps and therefore makes users more valuable,” said Hugo Troche, chief executive of Appsperse, a cross-promotion network for app discovery.

Android Market, or Google Play as it is now known, is the company’s answer to Apple’s apps store, where consumers browse and buy or download everything from games and music to individual software or applications. Google wants Google Wallet to be the dominant way that people pay for anything on this platform.

Source…

Adobe Flash Exploited

Hackers have found a way to exploit  Adobe Flash Player by using a zero-day vulnerability by using Microsoft Excel documents that was confirmed by Adobe yesterday. Adobe representatives that they will not be able to patch Flash until next week. Therefore, if you use Flash you are on your own until next week.  Read More….