/>
X
Innovation

PDFs could cause attacks without exploits

A security researcher has warned of attacks using PDF documents to spread malware to computers running Adobe Acrobat Reader and Foxit Reader software
Written by Elinor Mills, Contributor on

PDF files could be used to spread malware to clean PDF files stored on a target computer running Adobe Acrobat Reader or Foxit Reader PDF software, a security researcher warned on Monday.

Jeremy Conway, product manager at NitroSecurity, created a proof of concept for an attack in which malicious code is injected into a file on a computer as part of an incremental update, but which could be used to inject malicious code into any or all PDF files on a computer.

The attack requires the user of the computer to allow the code to be executed by agreeing to it via a dialog box. However, the attacker could at least partially control the content of the dialog box that appears to prompt the user to launch the executable and thus use social engineering to entice the computer user to agree to execute the malware, said Conway in his blog.

For more on this story, see Exploits not needed to attack via PDF files on CNET News.

Editorial standards

Related

The 16 best Cyber Monday deals under $30 still available
Amazon Fire TV Stick 4K

The 16 best Cyber Monday deals under $30 still available

These file types are the ones most commonly used by hackers to hide their malware
getty-a-woman-looking-at-a-laptop-with-a-concerned-expression.jpg

These file types are the ones most commonly used by hackers to hide their malware

Don't waste your money on these Apple products: December 2022 edition
Waiting in line for the Apple Store

Don't waste your money on these Apple products: December 2022 edition