The Team for Research in Ubiquitous Secure Technology

Upcoming Events

TRUST in the News

Internet is still vulnerable to cyber-criminals

Android apps and advertising: A bit too cozy

Carrier IQ cell phone monitor software is a nightmare

White House Honors Cornell's Salman Avestimehr with PECASE

The Science of Cyber Security

Security and Privacy News

Adobe Download Manager Installing Software Without Consent

Slashdot is running an article about a problem in the Adobe Download Manager (ADM) found by Researcher Aviv Raff. The net effect of the problem is that a user can be tricked into downloading and installing software without actual consent.

In a related article in PCMAG.COM, Raff's list of the following software can be downloaded and installed for users that have ADM installed by merely following a link to Adobe's site, including Adobe Flash 10, Adobe Reader 9.3, Adobe Reader 8.2, Google Toolbar6.3, McAfee Security Scan Plus and a half dozen more.

The ADM FAQ explains that ADM is installed when needed and removed when the system reboots. However, this ignores the fact that Adobe downloads don't tyically require a reboot and users might go a long time between them.

Raff also announced that he had found a remote code execution bug in ADM, increasing the danger of remote compromise by an order of magnitude or two.

See more at Security Watch.

For other items, see the Security and Privacy News blog.

Key Resources:

Overview	Orgchart	Partners	Recent Pubs	Annual Report
News	Seminar	Research	Education	FAQ

How do I contact the Trust Center?
You are not logged in
Copyright © 2005-2012 TRUST

TRUST Themes

Education

Knowledge Transfer

Network Defenses

Policy

Sensor Networks

Trustworthy Systems

Security and Privacy News

DHS: $40M To Research Next Big Thing in Cyber Security

Discarded Copiers Hold Sensitive Data on Hard Drives

Please do not change your password

Privacy Protection Needed as Smart Grid Arrives

Judge Hears Arguments on Google Book Settlement