Zeus Exploiting Unpatched PDF Flaw

By Kara Reeder | Apr 16, 2010 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/zeus-exploiting-unpatched-pdf-flaw
According to Computerworld, the Zeus botnet is now making use of an unpatched flaw in Adobe's PDF document format discovered by security researcher Didier Stevens.

Zeus exploits the "/Launch" design flaw to embed attack code in the document. The article explains:

When users open the rogue PDF, they're asked to save a PDF file called 'Royal_Mail_Delivery_Notice.pdf.' That file, however, is actually a Windows executable that when it runs, hijacks the PC.

This may be the beginning of the PDF attack wave predicted by Mickey Boodaei, CEO of security company Trusteer.