by aeroaero 1180 days ago
How is this possible? Can someone point me in the direction of what mechanism is used here?

If I open a PDF in Chrome, for example, am I opening myself up to this kind of attack?

2 comments

I would say the first thing is to disable Windows Explorer from hiding the extension of files.

From what I understand, it was an executable inside a zip attachment to an email disguising itself as a partnership proposal from a reputable source.

The file inside the zip probably had a .pdf.exe extension. By default, Windows Explorer would show it as a .pdf, making it easy to run by mistake.
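
Added example, not part of the thread: a defender-side check that lists zip members whose real name ends in an executable extension preceded by a document-style one (the `.pdf.exe` pattern described in the comment above), together with the name a user would see with extensions hidden. The two extension sets and the sample archive are constructed assumptions, not an exhaustive policy.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (assumed list, not exhaustive).
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".msi"}
# Extensions a recipient expects to be a harmless document (assumed list).
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def find_disguised_executables(zip_bytes: bytes) -> list[tuple[str, str]]:
    """Return (real_name, displayed_name) for members such as 'x.pdf.exe'.

    displayed_name is the base name with its last extension dropped, which is
    what a file listing shows when known extensions are hidden.
    """
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Normalise separators, then look only at the final path component.
            base = PurePosixPath(info.filename.replace("\\", "/"))
            suffixes = [s.lower() for s in base.suffixes]
            if (len(suffixes) >= 2
                    and suffixes[-1] in EXECUTABLE
                    and suffixes[-2] in DECOY):
                hits.append((info.filename, base.stem))
    return hits


def build_sample_zip() -> bytes:
    """Constructed sample archive; every member holds inert placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Partnership_Proposal.pdf.exe", b"placeholder")
        zf.writestr("docs/terms.pdf", b"placeholder")       # genuine document name
        zf.writestr("tools/setup.exe", b"placeholder")      # honest executable name
        zf.writestr("notes.v2.PDF.SCR", b"placeholder")     # mixed case, extra dot
    return buf.getvalue()


if __name__ == "__main__":
    for real, shown in find_disguised_executables(build_sample_zip()):
        print(f"{real!r} would be displayed as {shown!r}")
```

The check only looks at names; it flags the mismatch between what is shown and what would run, and does not inspect file contents.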

Wait, it wasn't an executable PDF that escaped the sandbox, it was a *.pdf.exe?? Why does Windows even still have this vulnerability?
That should be stopped by the SmartScreen prompt, which is pretty hard to bypass by accident.
PDF can run JavaScript.