Re: [News] ActiveX (IE) Exposes Adobe Software and Windows to Hijackers

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

Re: [News] ActiveX (IE) Exposes Adobe Software and Windows to Hijackers ("Critical" Vulnerability)

Subject: Re: [News] ActiveX (IE) Exposes Adobe Software and Windows to Hijackers ("Critical" Vulnerability)
From: Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 1 Dec 2006 03:35:56 -0600
Newsgroups: comp.os.linux.advocacy
References: <1164963700.955288.117010@79g2000cws.googlegroups.com>
User-agent: 40tude_Dialog/2.0.15.1
Xref: news.mcc.ac.uk comp.os.linux.advocacy:1189234

On 1 Dec 2006 01:01:41 -0800, Roy Schestowitz wrote:

> Adobe Confirms 'Critical' Reader, Acrobat Exploits With IE
> 
> ,----[ Quote ]
>| A critical security vulnerability in an ActiveX control used by
>| Internet Explorer could allow malicious hackers to use Adobe's
>| Reader and Acrobat software to launch PC hijack attacks,
>| according to a warning from Adobe Systems.
> `----
> 
> http://www.pcmag.com/article2/0,1895,2066079,00.asp

The flaw is in Adobe's code, not IE's.  The fact that it's in their ActiveX
version and not other versions is beside the point.  This type of flaw
could be in any version, because plug-ins, whether they're activex or
"netscape" style are still native code that is not sandboxed, unless of
course it's run in IE7 on Vista.

Follow-Ups:
- Re: [News] ActiveX (IE) Exposes Adobe Software and Windows to Hijackers ("Critical" Vulnerability)
  - From: yttrx

References:
- [News] ActiveX (IE) Exposes Adobe Software and Windows to Hijackers ("Critical" Vulnerability)
  - From: Roy Schestowitz

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index