funsec mailing list archives

IE/PDF combo bug?


From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>
Date: Wed, 25 Nov 2009 10:30:47 -0800

Appreciate more detailed info, if anyone has it, unless I'm right and this is a total 
non-starter:

"A bug in Microsoft’s Internet Explorer browser is causing more than 50 million 
files stored online to leak potentially sensitive information that could 
compromise user privacy, a security researcher said.  The documents stored in 
Adobe’s PDF format display the internal disk location where the file is stored, an 
oversight that can inadvertently expose real-world names and login IDs of users, 
the operating system being used and other information that is better kept 
private."  

OK, I get it that the "50 million" number is just somebody's estimate of the total 
number of PDF files out there.  (Or, given the next few sentences, just a Google 
search result.)  However, this seems to be simply a bug/covert storage channel in 
Adobe or the PDF format.  How does it involve IE?

"The data can then be retrieved using simple web searches. Google searches such as 
this one expose almost four million documents residing on users’ C drives alone. 
Combined with searches for other common drives, the technique exposes more 
than 50 million files that display the local disk path"  

Right.  So searching for "C:/" finds files (with embedded directory info) stored on 
the Internet.  (Or tutorials on how to use DOS.)  We get it.

"according to Inferno, a security researcher for a large software company 
who asked that his real name not be used."

A security consultant wannabe who is shy?  That sounds suspicious ...

“If they have those kind of PDFs, somebody can use search engines to find out 
user names or do more reconnaissance on the operating systems used,” he told 
The Register. “That actually invades the privacy of a user.”  

Scary.

"The potentially sensitive data is included in PDFs that have been printed using 
Internet Explorer. The full path location is appended to its contents as soon as 
the Microsoft browser is used to print the document. Although the data isn’t 
always exposed when the document is viewed with Adobe Reader, it is easily 
readable when the file is opened in editors such as Notepad, and the text is also 
available to Google and other search engines. This PDF, for example, was stored 
at C:\Program Files\Wids7\WizardReport.htm at time of printing. The path makes 
it clear that the file was stored on a Windows machine that has software from 
Worldwide Instructional Design System installed. Other PDFs give up directory 
names that reveal authors, projects or other data that may have been designated 
confidential. The only way to remove the path is erase the text in an editor and 
save the document."  

So, you can get at the info regardless, but IE just prints it up more readily?

http://www.theregister.co.uk/2009/11/23/internet_explorer_file_disclosure_bug/ 

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
People everywhere confuse what they read in newspapers with news.
                                                     - A.J. Liebling
victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/NoticeBored http://twitter.com/rslade

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
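
A pre-publication check for the leak the quoted article describes, as an added example that is not part of the original post or of the article: it flags drive-letter paths and file:// URLs in a PDF's raw bytes and in its Flate-compressed streams. The regexes, the function names and the sample bytes (including the D: path) are assumptions constructed for illustration.

```python
import re
import zlib

# Characters that cannot appear in a Windows path segment, plus the
# parentheses and newlines that end a PDF literal string.
_SEG = rb'[^\\/:*?"<>|()\r\n\x00]+'
_SEP = rb'(?:\\\\|[\\/])'   # PDF-escaped "\\", plain "\", or "/"
PATH_RE = re.compile(
    rb'(?:file:///?[A-Za-z]:|(?<![A-Za-z])[A-Za-z]:)'
    + _SEP + _SEG + rb'(?:' + _SEP + _SEG + rb')*'
)
STREAM_RE = re.compile(rb'stream\r?\n(.*?)endstream', re.S)


def inflated_streams(data):
    """Yield the inflated body of every stream that is valid Flate data."""
    for m in STREAM_RE.finditer(data):
        try:
            # decompressobj tolerates the end-of-line before "endstream"
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue  # uncompressed, encrypted, or another filter


def leaked_paths(data):
    """Return sorted unique local paths seen in raw bytes or Flate streams."""
    found = set()
    for blob in (data, *inflated_streams(data)):
        for m in PATH_RE.finditer(blob):
            text = m.group(0).decode('latin-1')
            found.add(text.replace('\\\\', '\\'))  # undo PDF string escaping
    return sorted(found)


# Constructed sample, not a real PDF: one plain stream holding the path quoted
# in the article, one Flate stream holding a made-up file:// URL.
SAMPLE = (
    b'%PDF-1.4\n4 0 obj\n<< >>\nstream\n'
    b'BT (C:\\\\Program Files\\\\Wids7\\\\WizardReport.htm) Tj ET\n'
    b'endstream\nendobj\n5 0 obj\n<< /Filter /FlateDecode >>\nstream\n'
    + zlib.compress(b'BT (file:///D:/Users/jdoe/Projects/report.htm) Tj ET')
    + b'\nendstream\nendobj\n'
)

if __name__ == '__main__':
    for path in leaked_paths(SAMPLE):
        print(path)
```

Paths inside encrypted documents or streams using other filters are not seen by this check, so an empty result is not proof that a file is clean.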