Security News

HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office. Booby-trapping a PDF with a malicious Word document goes against the norm of the past 10 years, according to the HP Wolf Security researchers.

While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old Office bug to propagate the Snake Keylogger malware, researchers have found. "While Office formats remain popular, this campaign shows how attackers are also using weaponized PDF documents to infect systems," HP Wolf Security researcher Patrick Schlapfer wrote in the post, which opined in the headline that "PDF Malware Is Not Yet Dead."Indeed, attackers using malicious email campaigns have preferred to package malware in Microsoft Office file formats, particularly Word and Excel, for the past decade, Schlapfer said.

Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. In a new report by HP Wolf Security, researchers illustrate how PDFs are being used as a transport for documents with malicious macros that download and install information-stealing malware on victim's machines.

Security researchers have devised a tool that detects flaws in the way apps like Microsoft Word and Adobe Acrobat process JavaScript, and it's proven so effective they've found 134 bugs - 59 of them considered worthy of a fix by vendors, 33 assigned a CVE number, and 17 producing bug bounty payments totaling $22,000. Making that happen requires the PDF both to define native PDF objects and to parse JavaScript code.

Microsoft says the Outlook PDF preview feature might be broken for some Microsoft 365 customers on systems where the company's PowerToys open-source toolset is also installed. According to Microsoft, one of the reasons this error is displayed is the PDF preview File Explorer add-on bundled with Microsoft PowerToys.

Researchers have disclosed an unpatched security vulnerability in "Dompdf," a PHP-based HTML to PDF converter, that, if successfully exploited, could lead to remote code execution in certain configurations. In other words, the flaw allows a malicious party to upload font files with a.php extension to the web server, which can then be activated by using an XSS vulnerability to inject HTML into a web page before it's rendered as a PDF. This meant that the attacker could potentially navigate to the uploaded.

Foxit Software this week released security updates for its PDF Reader and PDF Editor applications, to address multiple vulnerabilities, including some leading to remote code execution. All three flaws are use-after-free vulnerabilities in the JavaScript engine of PDF Reader that an attacker could exploit by tricking the target into opening a malicious PDF file.

Eleven critical bugs in Adobe's popular and free PDF reader, Acrobat, open both Window and macOS users to attacks ranging from an adversary arbitrarily executing commands on a targeted system to data leakage tied to system-read and memory flaws. The free Acrobat Reader 2020 and PDF-creation and editing software Acrobat 2020 were among the list of those programs with critical bugs patched.

USENIX, the not-for-profit advanced computing association, has decided to put an end to its beloved LISA sysadmin conferences, at least as a standalone event. In an online announcement, the LISA steering committee said that after 35 years of producing the "Best systems engineering content" the event "Will no longer be scheduled as a standalone conference."

Microsoft has released an optional out-of-band update for all supported Windows 10 versions to address an issue preventing customers from opening PDF documents using some applications. The KB5004760 emergency update is available for devices running client editions of Windows 10 versions 2004, 20H2, and 21H1, as well as Windows Server versions 2004 and 20H2. "An out-of-band optional update is now available on the Microsoft Update Catalog to address an issue in which Internet Explorer 11 and apps using the WebBrowser control might fail to open PDFs," the company says.