X
Tech
Home Tech Security

PDFs could cause attacks without exploits

A security researcher has warned of attacks using PDF documents to spread malware to computers running Adobe Acrobat Reader and Foxit Reader software
Written by Elinor Mills, Contributor

PDF files could be used to spread malware to clean PDF files stored on a target computer running Adobe Acrobat Reader or Foxit Reader PDF software, a security researcher warned on Monday.

Jeremy Conway, product manager at NitroSecurity, created a proof of concept for an attack in which malicious code is injected into a file on a computer as part of an incremental update, but which could be used to inject malicious code into any or all PDF files on a computer.

The attack requires the user of the computer to allow the code to be executed by agreeing to it via a dialog box. However, the attacker could at least partially control the content of the dialog box that appears to prompt the user to launch the executable and thus use social engineering to entice the computer user to agree to execute the malware, said Conway in his blog.

For more on this story, see Exploits not needed to attack via PDF files on CNET News.

Editorial standards
Show Comments

Related

Logitech Mevo Core Streaming camera on a tripod on set

I fly 10 times a year. These 5 tech gadgets are lifesavers

West Virginia bridge in spring time

4 ways to connect to the internet for less after the Affordable Connectivity Program expires

Copilot in enterprise hero images

How one company's employees use Microsoft Copilot to avoid the worst part of meetings