Security researchers have found a way hackers can spread malware via malicious PDF files — even when there are no security holes present in the software that opens the document.
Researcher Didier Stevens found that by embedding executable files in PDF documents, hackers could run malicious code on the victim’s computer when the file is opened in either Adobe or Foxit PDF reader software.
The hack works even when the software has no security vulnerabilities, Network World reports.
If the document is opened in Adobe, users have to answer a dialog box before the code is run. However, a hacker could modify the message to persuade the user to allow the code to execute.
Both software makers have been notified and are reported working on a software fix to block this type of attack. We’ll keep you posted.