PDF security


Zeus Botnet Exploiting PDF Flaw

The Zeus botnet is now using an unpatched flaw in Adobe’s PDF document
format to infect users with malicious code, said security researchers. Read the full article. [Computerworld]

Hacker Finds a Way to Exploit PDF Files, Without Vulnerability

SEE: Updated report with response from Adobe and FoxIt SoftwareA security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities.The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file. 

Adobe Defends PDF Patch Delays

Adobe chose to wait until mid-January to
patch a critical PDF bug because issuing an emergency update would have
disrupted its quarterly security update schedule, the company said
today. Read the full article. [Computerworld]


Using Internet Explorer and a virtual PDF generator to print a PDF file
from a HTML page causes the document’s entire storage path, for example
file://C:UsersdabDownloadsdocument.pdf, to be stored in the document itself. Read the full article. [The H Security]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.