Report on new virus that travels as a PDF attachment
Apparently only works with full commercial Acrobat, not free Reader

7 August 2001

Reports began surfacing today of a possible new virus, one with a new approach to wreaking havoc -- arriving undetected as a PDF file attachment (annotation).

Dubbed the "OUTLOOK.PDFWorm" by Zulu, its apparently South American-based creator, the VBScript worm uses Microsoft Outlook to send itself in a PDF, disguised as a simple image-based game. If the user -- who must be using the full commercial Adobe Acrobat product, not the free Reader -- plays the game, trouble may follow in the form of malicious code being spread by Outlook.

Richard Smith, CTO of the Privacy Foundation, announced the discovery on several email discussion lists early today, explaining that it "uses a PDF file to bypass the new security feature of Outlook which automatically deletes dangerous file attachments. With this security feature, all VBScript attachments are deleted because they might be computer viruses. However with Zulu's trick, a malicious VBScript file can instead be hidden inside a PDF file which Outlook considers safe."

In the detailed description posted on his Web site, the creator describes his worm as a "proof of concept," basically his attempt to be the first to prove that PDF files can be used to carry viruses.

Acrobat offers several degrees of built-in protection from malicious programs within PDF files -- displaying warnings to users and allowing administrators to configure Acrobat so links are not opened automatically.

Earlier this summer, McAfee announced it had developed anti-virus support for Adobe Acrobat 5.0 to "ensure the safe exchange of PDFs across corporate networks and the Internet."


PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Aerialist 11

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link...

Download free demo

Debenu PDF Tools Pro

It's simple to use and will let you preview and edit PDF files, it's a Windows application that makes...

Download free demo

Two Passwords Are Better Than One: The Low-Down On PDF Security

For people who don't spend their time looking at PDF files in text editors*, PDF security is a sometimes misunderstood beast.

For example, those document restrictions that PDF files sometimes have -- no Printing, Content Copying, Page Extraction, etc -- are essentially useless unless the PDF also has a User Password.

January 09, 2014
Platinum Sponsor



Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist 11

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.

Features

Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.