View Single Post
Old 02-15-2013, 11:20 AM   #4
JoeD
Guru
JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.
 
Posts: 889
Karma: 4383958
Join Date: Nov 2007
Device: Hanlin v3, iPad, Kindle 4NT
I wouldn't call it panicking to mention enabling a security feature that protects against an active exploit. Really it's a feature most people should have on by default and only disable when they really really need to open a PDF that makes use of a disabled feature (at which point you can be extra careful about where it came from).

This likely won't impact most users who are careful about who they open attachements from, however it is a real threat because the emails are not generic, they're highly targeted. They include details that may be relevant to your current work and appear to come from a co-worker. Or, it may be an email from your kids sports team with an updated calendar of events. There's a lot of information that can be obtained about a person via forums, company websites and social networking sites that allow emails to seem so genuine that they're bound to catch people out.

Even if this exploit wasn't in the wild, I think it would be prudent for people to go for the more secure settings by default and gradually back off for the odd pdf. Same as blocking javascript/flash and other plugins on websites by default and backing off the settings on the few websites you use that really do need it.
JoeD is offline   Reply With Quote