The Register – John Leyden
Posted in Malware, 6th April 2010 13:37 GMT
The security perils of PDF files have been further highlighted by new research illustrating how a manipulated file might be used to infect other PDF files on a system.
Jeremy Conway, an application security researcher at NitroSecurity, said the attack scenario he has discovered shows PDFs are “wormable”. Computer viruses are capable, by definition, of overwriting other files to spread. Conway’s research is chiefly notable for illustrating how a benign PDF file might become infected using features supported by PDF specification, not a software vulnerability as such, and without the use of external binaries or JavaScript. [Read more]
