Patch/Configuration Management, Vulnerability Management

PDFium vulnerability in Google Chrome enabled arbitrary code execution

Cisco Talos researchers spotted a vulnerability in PDFium, Google Chrome's default PDF reader, that could allow an attacker to gain arbitrary code execution.

The bug was caused by a heap buffer overflow vulnerability in the jpeg2000 image parser library used by PDFium, Cisco Talos threat researcher Earl Carter said in a June 8 blog post.

An attacker could have exploited the vulnerability if a user viewed a PDF document that included an embedded jpeg2000 image, the post said.

“The most effective attack vector is for the threat actor to place a malicious PDF file on a website and then redirect victims to the website using either phishing emails or even malvertising,” Carter told SCMagazine via emailed comments.

Researchers promptly notified Google and a patch was released on May 25. Chrome automatically updates itself and users only need to ensure they have restarted their browser since the release of the patch.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.