Acrobat Backdoors
Spotted this on the weekend > backdooring PDF files. One thing I noticed is that most of these are folder level javascripts and not document level. Folder level would be that you’d have to compromise the machine before Acrobat could be compromised.
The other thing I noticed was that people are reporting that Xpdf and Foxit Reader don’t have these issues. Of course they don’t - they don’t support Javascript…
Also the notion that you can open a webpage from Acrobat/Reader is nothing new - plus it does warn you before it does open a web page (7 does at least).
