Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Embed malicious code into PDF file without security error
Attack on the system through malicious code embedded in PDF files whether users open with the latest version of Adobe Reader or Foxit Reader.
Embed malicious code into PDF file without security error Picture 1 This is shocking information published by security researcher Didier Stevens. The optional code will execute when opening the PDF file with 2 software to view the most popular PDF files currently, Adobe Reader and Foxit Reader without having to exploit any errors from these two software.
The default setting in the two software for viewing PDF files that do not allow embedding executable code can be run directly, but both are bypassed by a command. This means that users can easily get malicious code when opening PDF files, the type of document file format that is very popular on the internet, using Adobe Reader or Foxit Reader even though both software do not make mistakes. any honey
In the test example demonstrating that it is possible to embed malicious code and execute it easily from within a PDF file, Stevens said he used the option " Launch Actions / Launch File " to run the calculator tool that could replaced by malicious code in a real attack when opening PDF files in Adobe Reader 9.3.1 in Windows XP SP3 and Windows 7 (See the video clip below).
The good news is that Stevens did not announce the exploit code out, but only informed Adobe and Foxit so that these two companies soon find ways to overcome because users are completely passive in case of being attacked by this error. Hackers can completely change the content of Adobe Reader default warning when opening files with embedded executable code.
Embed malicious code into PDF file without security error Picture 2
To open the Windows Command Prompt command window from a PDF file, Adobe Reader forces users to confirm
Embed malicious code into PDF file without security error Picture 3
However, the security message may be changed to mislead users
The idea of this exploit was Jeremy Conway, an independent security researcher " variation " new way that hackers can attack. See more information and video clips here.
Adobe's popular products such as Flash Player, PDF or Adobe Reader file formats . have become major targets for hackers because most computers worldwide have applications installed. this. Readers need to be aware of unpublished PDF files or sent from unknown sources, public sharing from the internet and always let the security programs run permanently on the system.
David PacYou should read it
- Link download Foxit Reader 10.1.1.37576
- Why don't you need Adobe Reader anymore?
- Windows users need to update this software immediately
- Update Adobe Reader against zero-day errors
- Discover two important zero-day vulnerabilities in Foxit PDF Reader
- Top 5 best PDF reader apps on Android
- Adobe Reader DC 2020.006.20042
- Detected critical zero-day vulnerability on Adobe Reader
- Disable automatic updating of Adobe Reader DC
- How to set up voice text reading mode in Foxit Reader?
- How to rotate PDF files on Foxit Reader
- Software to read PDF files
Maybe you are interested
Instructions for using SwifDoo PDF Online Converter
How to insert a signature into PDF with Foxit Reader - Create a personal touch on PDF documents
The simplest way to edit PDF files
Wondershare HiPDF
Compress PDF files, reduce PDF size extremely quickly
Instructions for changing the default PDF reader on Windows 10
Disable PING response in Windows
The best security tools for 2010
10 ways to detect and eradicate computer viruses
Some ways to avoid the risk of computer attacks
Application security with AppLocker
Block Web access in ISA Server 2006