9/14/2023 0 Comments Sumatrapdf readerThe executable that is used can be found out via Task Manager (when the web browser is running). Use Exploit Protection to activate ACG mitigation for file name opera.exe.Make it a default application for web browsing.Install 3rd party web browser - I will use Opera as an example. This can significantly reduce the infection rate on the computers of casual users. This will also work for other applications (like email clients) that use the web browser to open hyperlinks. There is a way to block opening Internet hyperlinks in any document. One can argue that it would be hard to find people who use Foxit Reader and were infected via PDFs, but this can follow as well from the fact that many more people use Adobe Reader. We only suspect that the differences between Adobe Reader and other PDF viewers can efficiently reduce the number of shared vulnerabilities, but there is no information on how efficient this can be. All these applications deal with the same PDF documents so some vulnerabilities may be shared. But, this will not help if the payload is embedded in the PDF document.Īnother thing is that we really do not know how many Adobe Reader's vulnerabilities are present in other PDF readers. Blocking Internet access to the PDF viewer can help when the viewer is exploited and the malicious code runs in the memory of this viewer to download the payload from the Internet. This cannot be also blocked by blocking child processes for the PDF viewer. If you click on a hyperlink in the PDF document, then PDF viewer does not use the Intenet but simply the call is redirected to your default web browser. Click to expand.This will not work as well as you think.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |