2009-03-13

PDF Vulnerability

A very serious pdf vulnerability is out in the open and is doing rounds in the news. The interesting part of this vulnerability is that a victim could get effected, even without opening the infected pdf file..!!

Here is one of the most comprehensive articles I have come across. The author demos three methods to trigger the vulnerability:
  1. When the user just selects the infected pdf doc with a single click
  2. If the user changes his Windows Explorer's view to Thumbnails View
  3. If the victim hovers his mouse's cursor over the document

2009-03-03

Is Open Source More Secure?

Someone very recently asked me if Open Source Softwares were better and more secure, compared to their proprietary (read: Microsoft) counterparts.

Today I came across a blog from Jack Danahy, and he talks about this same topic is some serious depth. He also goes on to explain how companies use and misuse these misconceptions to make their own sales pitch.

Net conclusion: All software has some amount of vulnerability within them. Users should always remember to trust reputed software vendors and should always keep up with the latest security patches.