Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Internet Explorer security hole leaks private information from PDF files

Add to     Digg this story Digg this

November 24, 2009

A critical security flaw in Microsoft's Internet Explorer browser is causing more than 50 million files stored online to leak potentially sensitive information that could compromise user privacy, a security researcher said.

The PDF documents display the exact internal disk location where the file is stored, an oversight that can inadvertently expose real-world names and login IDs of users, the operating system being used and other sensitive information. The data can then be retrieved using simple Google or Yahoo searches.

Click here to order the best dedicated server and at a great price.

The potentially sensitive data is included in PDF documents that have been printed using Internet à Explorer. The full file path location is appended to its contents as soon as the Microsoft browser is used to print the document.

Although the data isn't always exposed when the document is viewed with Adobe Reader, it is easily readable when the file is opened in editors such as Notepad, and the text is also available to Google and other search engines, namely Yahoo.

The exact file path makes it very clear that it was stored on a Windows computer or server that has software from Worldwide Instructional Design System installed.

Other PDFs also provide directory names that reveal authors, projects or other specific data that may have been designated as confidential and sensitive.

If they have those kind of PDF documents, somebody can use Google to find out user names or do more reconnaissance on the operating systems used. That actually invades the privacy of a user.

Some Google searches can easily expose over 4 million documents residing on users' C drives alone.

Combined with searches for other common drives, the technique exposes more than 50 million files that can readily display the local disk path, according to Inferno, a security researcher for a large software company who asked that his real name not be used.

The only way to remove the file path is erase the text in an editor and re-save the PDF document.

So far, all versions of Internet Explorer suffer from this security hole. A Microsoft spokeswoman said company engineers are working to reproduce the reported behavior, however.

"We can confirm that this isn't a security vulnerability," she wrote in an email.

Add to     Digg this story Digg this

Source: ISAI.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Get your Linux or Windows dedicated server today.

The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.