From: FromTheRafters on
"Bill" <sendspamhere(a)mailinator.com> wrote in message
news:hjhldj$ofl$1(a)news.eternal-september.org...
> On Sun, 24 Jan 2010 08:08:35 +0000, Dustin Cook wrote:
>
>> The malware exploits what the majority of users use.
>
> Linux is far more security conscious. Hard to get a virus when your
> compiling software from source code stored in a repository.

Not really harder, it is just different.


From: David Kaye on
Bill <sendspamhere(a)mailinator.com> wrote:

>Linux is far more security conscious. Hard to get a virus when your
>compiling software from source code stored in a repository.

However, I just picked up malware (a variant of Antivirus 2010) via a Linux
hosted website. It was a Javascript embedded in a PDF file. Apparently there
is still a vulnerability in Acrobat Reader that allows this junk to be
installed on a computer. Had a devil of a time removing it last night.

From: Beauregard T. Shagnasty on
David Kaye wrote:

> Bill <sendspamhere(a)mailinator.com> wrote:
>> Linux is far more security conscious. Hard to get a virus when your
>> compiling software from source code stored in a repository.
>
> However, I just picked up malware (a variant of Antivirus 2010) via a
> Linux hosted website. It was a Javascript embedded in a PDF file.

Why would you mention it was a Linux web host? That has nothing to do
with a PDF file some webmaster put there for you to download. The same
thing would have happened if the host was a Microsoft IIS host. Or
Solaris ... or ...

--
-bts
-Four wheels carry the body; two wheels move the soul
From: Ant on
"David Kaye" wrote:

> However, I just picked up malware (a variant of Antivirus 2010) via a Linux
> hosted website. It was a Javascript embedded in a PDF file. Apparently there
> is still a vulnerability in Acrobat Reader that allows this junk to be
> installed on a computer.

I thought Adobe had caught up with patching the recent vulnerabilities
unless this is another new one or you're using a different reader. I'd
like to see that PDF.

In any case, with so much malware targetting such browser plugins, you
shouldn't allow it to automatically render PDFs or allow them to run
embedded script.


From: David Kaye on
"Beauregard T. Shagnasty" <a.nony.mous(a)example.invalid> wrote:

>Why would you mention it was a Linux web host? That has nothing to do
>with a PDF file some webmaster put there for you to download.

Why did the machine allow an infected pdf to be transferred?