Windows' Built-In PDF Reader Exposes Edge Browser To Hacking (softpedia.com)

Posted by BeauHD on Wednesday March 2, 2016 @10:57AM from the hit-the-floor dept.

An anonymous reader writes: Edge, Microsoft's new browser, uses the WinRT PDF library to automatically embed and present PDF files while navigating the web. This is what Java does with applets, and Flash with SWF files -- it unintentionally allows a hacker to append malicious code to PDF files and trigger drive-by attacks, which exploit WinRT vulnerabilities to target Windows 10 users. All that an attacker needs to do is to find and create a database of WinRT vulnerabilities it could leverage to distribute his malware.

1 of 97 comments (clear)

Min score:

Reason:

Sort:

Re: Ah, PDF - should have stopped at 1.5 by Destined+Soul · 2016-03-02 11:42 · Score: 1, Interesting

This. My company gave up on Windows after we almost went out of business because of a data leak due to a .NET bug. Anyone still using doesn't care about security.
Which bug was that?