Forgot your password?
typodupeerror
Security

+ - PDF Vulnerability Now Exploitable With no Clicking->

Submitted by
SkiifGeek
SkiifGeek writes "With Adobe's patch for the current PDF vulnerability still some time away, news has emerged of more techniques that are available to exploit the vulnerability, this time without needing the victim to actually open a malicious file. Instead, the methods make use of a Windows Explorer Shell Extension that is installed alongside Adobe Reader, and which will trigger the exploitable code when the file is interacted with in Windows Explorer. Methods have been demonstrated of successful exploitation with a single click, with thumbnail view, and with merely hovering the mouse cursor over the affected file.

There are many ways that exploits targeting the JBIG2 vulnerability could be hidden inside a PDF file, and it seems that the reliability of detection for these varying methods is spotty, at best."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

PDF Vulnerability Now Exploitable With no Clicking

Comments Filter:

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...