New PDF exploit potential

Share this article:
As businesses await the Adobe Acrobat and Reader zero-day vulnerability patch (coming March 11), researcher Didier Stevens this week detailed a way to exploit the bug without users clicking on any malicious PDF document. Essentially, when a PDF is listed in Windows Explorer, a shell extension will read the document to provide more information, such as file size or type, thus executing code without any user interaction, Stevens said. — DK
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS