×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Zeus Botnet Exploits Unpatched PDF Flaw

CWmike (1292728) writes | about 4 years ago

Security 0

CWmike (1292728) writes "The Zeus botnet is now using an unpatched flaw in Adobe's PDF document format to infect users with malicious code, security researchers said Thursday. The attacks come less than a week after other experts predicted that hackers would soon exploit the '/Launch' design flaw in PDF documents to install malware on unsuspecting users' computers. The just-spotted Zeus variant uses a malicious PDF file that embeds the attack code in the document, said Dan Hubbard, CTO of security company Websense. When users open the rogue PDF, they're asked to save a PDF file called 'Royal_Mail_Delivery_Notice.pdf.' That file, however, is actually a Windows executable that when it runs, hijacks the PC. Zeus is the first major botnet to exploit a PDF's /Launch feature, which is, strictly speaking, not a security vulnerability but actually a by-design function of Adobe's specification. Adobe declined to answer questions whether Zeus' use of /Launch in rigged PDFs would prompt the company to release a patch for Reader and Acrobat, although it said a change to the functionality might 'conceivably [be made] available during one of the regularly scheduled quarterly product updates.' Previously, Adobe has acknowledged that Stevens' attack used a legitimate feature of Reader and Acrobat, and urged users to change Reader's and Acrobat's settings to disable the vulnerable feature."
Link to Original Source

0 comment

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...