Wednesday, April 7, 2010


Security researcher Jeremy Conway says he has discovered a way to spread malicious code such as worms and Trojans across PDF documents on a victim’s computer. The attack resembles those delivered through email attachments, but differs slightly in that a PDF file opens automatically together with its attachments. Hackers have known for some time that PDF readers could be manipulated in this way, but Stevens’ attack showed how one reader, Foxit Reader, could launch the executable without even notifying the user. Foxit has now patched this bug, but the underlying flaw in the PDF standard can’t be fixed without changing the PDF standard itself.

Users who want to turn off the Adobe Reader or Acrobat feature that allows the attack to work can click “Edit > Preferences > Categories > Trust Manager > PDF File Attachments” and then un-check the box that reads “Allow opening of non-PDF file attachments with external applications.” Although attacks of this kind, delivered through different media, are nothing new, we should always stay alert.
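Beyond the reader setting, incoming PDFs can be triaged before anyone opens them. The following is an added example, not code from the post or from the researchers it mentions: a small scanner that counts the PDF names associated with launching programs and carrying attachments. The name list, the block/review/pass policy and the sample fragments are assumptions made for illustration.

```python
import re

# PDF names tied to the behaviour the post describes. They come from the PDF
# specification, not from the post: /Launch starts an external program,
# /EmbeddedFile marks an attachment stream, /OpenAction runs on document open.
WATCHED = ("/Launch", "/EmbeddedFile", "/OpenAction")

_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")

def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, which PDF permits inside names (/L#61unch == /Launch)."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")

def scan_pdf(data: bytes) -> dict:
    """Count watched names in raw PDF bytes.

    Limitation: objects inside compressed object streams are not inflated,
    so a clean result here is not proof that the file is safe.
    """
    counts = dict.fromkeys(WATCHED, 0)
    for match in _NAME.finditer(data):
        name = decode_name(match.group(0))
        if name in counts:
            counts[name] += 1
    return counts

def verdict(counts: dict) -> str:
    """Triage policy (assumed for this example): block /Launch, review attachments."""
    if counts["/Launch"]:
        return "block"
    if counts["/EmbeddedFile"]:
        return "review"
    return "pass"

# Constructed fragments for demonstration, not real documents.
SAMPLE_LAUNCH = (b"1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
                 b"2 0 obj << /Type /Action /S /L#61unch >> endobj\n")
SAMPLE_ATTACH = (b"4 0 obj << /Type /Filespec /EF << /F 5 0 R >> >> endobj\n"
                 b"5 0 obj << /Type /EmbeddedFile /Length 0 >> endobj\n")
SAMPLE_PLAIN = b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"

if __name__ == "__main__":
    for label, blob in [("launch", SAMPLE_LAUNCH), ("attach", SAMPLE_ATTACH),
                        ("plain", SAMPLE_PLAIN)]:
        print(label, verdict(scan_pdf(blob)), scan_pdf(blob))
```

Names are decoded before matching because a hex-escaped spelling would otherwise slip past a plain string search.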

