PDFs could cause attacks without exploits

PDFs could cause attacks without exploits

Summary: A security researcher has warned of attacks using PDF documents to spread malware to computers running Adobe Acrobat Reader and Foxit Reader software

SHARE:
TOPICS: Security
0

PDF files could be used to spread malware to clean PDF files stored on a target computer running Adobe Acrobat Reader or Foxit Reader PDF software, a security researcher warned on Monday.

Jeremy Conway, product manager at NitroSecurity, created a proof of concept for an attack in which malicious code is injected into a file on a computer as part of an incremental update, but which could be used to inject malicious code into any or all PDF files on a computer.

The attack requires the user of the computer to allow the code to be executed by agreeing to it via a dialog box. However, the attacker could at least partially control the content of the dialog box that appears to prompt the user to launch the executable and thus use social engineering to entice the computer user to agree to execute the malware, said Conway in his blog.

For more on this story, see Exploits not needed to attack via PDF files on CNET News.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion