Slashdot Mirror


New Method Could Hide Malware In PDFs, No Further Exploits Needed

Trailrunner7 writes "A security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any other security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file. With Adobe Reader, the only thing preventing execution is a warning. Disabling JavaScript will not prevent this."

12 of 234 comments

  1. Re:PDF-XChange by abigor · · Score: 3, Funny

    Do you always refer to yourself with the royal "we"?

  2. Windows only again? by Anonymous Coward · · Score: 1, Funny

    Poor Mac OS X and Linux users are left out again.

  3. Re:Clever social engineering... by T Murphy · · Score: 5, Funny

    The guys at Adobe heard about oscilloscopes with hidden games on them, and Word's flight simulator, so they incorporated "features" so they could make an easter egg of their own. They never got around to that easter egg, so now lots of people are kindly lending them a hand at it.

  4. Re:PDF-XChange by idontgno · · Score: 3, Funny

    I'm pretty sure a substantial minority of your eukaryotes actually prefer Adobe products.

    The "we" you're using is just your corporeal ruling elite talking, Man! It's just another example of your neurons keepin' your connective cells and fat tissue down!

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  5. Hey Google, integrate this too! by Graham J - XVI · · Score: 2, Funny

    Chrome integration of one buggy plugin deserves another, right?

  6. Re:PDF-XChange by natehoy · · Score: 3, Funny

    As Mark Twain once said, "Only kings, presidents, editors, and people with tapeworms have the right to use the editorial 'we.'"

    Peter does not appear to be a king, is unlikely to be a president, and he's probably not an editor...

    --
    "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
  7. Re:PDF-XChange by suomynonAyletamitlU · · Score: 4, Funny

    To be fair, my fatty tissue is an ass, and my connective tissues jerk me around all the time.

  8. Re:PDF-XChange by treeves · · Score: 3, Funny

    We recommend niclosamide or another anthelminthic for Pete.

    --
    ...the future crusty old bastards are already drinking the Kool-Aid.
  9. Worst security flaw of the decade by MobyDisk · · Score: 2, Funny

    There is a command in the PDF language that says "execute the following command-line!" I thought having that ability in the scripting language was dumb. But it's actually available in the document description format? What possible purpose could that serve? I don't want a message box added, or a security setting -- just remove that command entirely from the implementation!

    How did this come about when they were designing the PDF format?
          "Let's make it support bold, italic, underline, and execute."
    One of the above does not fit with the others.

  10. Re:PDF-XChange by PhxBlue · · Score: 4, Funny

    In all fairness, it's hard sometimes to separate the tapeworms from the editors on Slashdot. But generally, the tapeworms have better grammar. :)

    --
    !#@%*)anks for hanging up the phone, dear.
  11. Re:Sad by QRDeNameland · · Score: 2, Funny

    ...I was thinking PoC meant Piece of Crap which I thought was redundant when referring to a PDF.

    In my experience, the proper industry acronym is BFPoC, for Big Fat Piece of Crap, a term allegedly coined by one Artemus Clyde Frog.

    --
    Momentarily, the need for the construction of new light will no longer exist.
  12. Re:Sad by shutdown -p now · · Score: 3, Funny

    This is one reason open-source is generally better: when an open-source project is done, the developers leave it that way (unless any bugs are found), and go find something else productive to work on.

    One word: Emacs.