The "latest exploit de jour" thread
we need this.
I've converted completely to Edge anyway.
"The bug in a built-in PDF reader" ... Oh, good. I disabled that shit years ago. Maybe you guys could work on making a working browser first, THEN worry about creating a bug-ridden .pdf viewer later on?
The exploit was served in an advertisement on an undisclosed Russian news site, but Veditz said he couldn't rule out the possibility that other sites also hosted the attack....
People who use ad-blocking software may have been protected from this exploit depending on the software and specific filters being used."
suck it, "ad-blocking is evil and ads are safe" camp!
Filed under: One month later...
Would it be wrong of me to code a zero-day exploit that permanently disabled Adobe plug-ins in all browsers, added 0.0.0.0 entries in hosts.txt for all adobe sites, uninstalled Flash player, and finally created a read-only directory under c:\program files\Adobe that no user has permissions to modify?
"The bug in a built-in PDF reader" ...Because if you write your own PDF reader it can't possibly have any bugs.
That report makes me very glad that I reacted to the sudden appearance of a slow, irritating inbuilt PDF reader with broken printing support after a Firefox update by quickly working out how to disable it on all school workstations, and that I've always run comprehensive ad blocking inside the school at both workstation and web proxy levels.
Given that this kind of purely toxic shit always turns up in advertising before anywhere else, I remain astonished that there are still people who seem to think that allowing advertising to get as far as the browser's rendering engine is in any way a good idea.