New PDF exploit potential

Share this article:
As businesses await the Adobe Acrobat and Reader zero-day vulnerability patch (coming March 11), researcher Didier Stevens this week detailed a way to exploit the bug without users clicking on any malicious PDF document. Essentially, when a PDF is listed in Windows Explorer, a shell extension will read the document to provide more information, such as file size or type, thus executing code without any user interaction, Stevens said. — DK
Share this article:

Sign up to our newsletters

More in News

Latest Citadel trick allows RDP access after malware's removal

Latest Citadel trick allows RDP access after malware's ...

Trusteer, an IBM company, said the new Citadel configuration was detected this month.

Cryptoblocker variant emerges, encryption differs from CryptoLocker

Trend Micro has detected a variant of CryptoLocker in the wild that relies on the advanced encryption standard.

Jimmy John's sandwich chain investigating possible breach

Some financial institutions have indicated that credit cards recently used at Jimmy John's locations have been used to make fraudulent purchases.