- Windows XP
- Internet Explorer 7
- Adobe Acrobat or Reader, v8.1 and earlier
Microsoft changed the way URIs (Uniform Resource Identifiers, a link of some sort) are handled in IE7. Due to this change there has been a security flaw discovered which could be transmitted through .pdf files.
Though this is not the first security alert regarding .pdfs, they have been (and still are) a preferred file type alternative to .doc (Word documents) for email attachments. PDFs retain their original formatting, and in most cases can not be edited by the recipient. Word documents (with the .doc file extension), have long been known to have the ability to transmit viruses and other threats, and should never be opened unless you know the sender.
PDFs are also more universally readable, by users of MACs and Linux, as well as Windows. There are also other PDF readers other than Adobe's Acrobat, which is known for being very bloated and slow to load. We recommend FoxIt PDF Reader, a very lightweight and free PDF reader.
Use common sense online, and apply basic security procedures that you follow in everyday life (lock your doors, be aware of your surroundings, don't take candy from strangers) to your dealings online:
- Never open any email attachment from a stranger, or any attachment you aren't expecting
- Be aware of security threats when alerts are issued
- Update relevant software
For the full alert read: Technical Cyber Security Alert TA07-297B
