Tuesday, March 30, 2010

Malicious executables embedded in PDFs run silently on Foxit Reader

PDF researcher Didier Stevens has just found out a security vulnerability that it is possible to execute arbitrary code out of PDF files. This means an executable can be embedded in a PDF and get it to be run once the document is opened. Some PDF readers e.g. Adobe reader and Nuance's free PDF reader will show a warning dialog but when opened but NOT for popular Foxit Reader.

This is worrying.

Malicious PDFs Own Foxit; Adobe At Least Warns [via]

No comments:

Post a Comment

Do provide your constructive comment. I appreciate that.