TweakTown
Tech content trusted by users in North America and around the world
5,677 Reviews & Articles | 36,088 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

PDF file format found to be a vector for attack

No need to use Javascipt anymore

| Hacking & Security News | Posted: Apr 6, 2010 2:10 am

We have all heard about how Adobe's Acrobat Reader and Flash browser plug-ins are vulnerable to exploits. But did you know that the actual file format specification for all PDFs is also a vector for attack?

 

The ISO standard for PDFs (ISO PDF 32000-1:2008) details the functionality that is present in the file format and outlines the launch command. This launch specification can allow malicious coders to imbed scripted commands that can infect even a clean PDF. There is no need to exploit javascript or another zero-day exploit. As the code executes in the PDF the user will be presented with a dialog box asking if he or she wants to run the code. A clever attacker can design the dialog to entice the user into thinking they need to click this. This is a proven technique used by many "scare-ware" vendors. They fool the user into thinking they are infected with a virus and by clicking on a button it will clean it off for them.
Both Adobe and Foxit are working ways to correct the issue or at least provide additional user warnings about the danger of opening unknown PDFs.

 

 

NEWS SOURCE
News.cnet.com

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below