PDF Feature ‘Certified’ Widely Vulnerable to Attack
#1
Information 
Quote:Certified portable document format (PDF) files are used to securely sign agreements between two parties while keeping the contents’ integrity protected, but a new report found the security protections on most certified PDF applications were inadequate and left organizations exposed to a number of attacks.
 
Researchers from Ruhr University Bochum explained certified PDFs use two specific signatures to authenticate the document, an Approval signature and a Certification signature. Certification signatures are the more flexible and made to handle complicated agreements between multiple parties and allow some changes to the document within a set of parameters while still maintaining its validity.

Unsurprisingly, Certified signatures are where the team found vulnerabilities to two specific novel attacks they dubbed, “Evil Annotation” (EAA) and “Sneaky Signature” (SSA). Both allow an attacker to overlay malicious content (PDF) on top of the certified information without showing any signs it was altered.
 
EAAs display malicious content in the document’s annotations and then sends it on with its digital signature intact. SSAs add malicious content over legitimate content in the PDF itself.
 
The team said the results of its evaluation of the 26 most popular PDF applications were “alarming.”
 
“In only 2 cases, we could not find a vulnerability; 15 viewers were vulnerable to EAA, 8 to SSA, including Adobe, Foxit, and LibreOffice,” the report said. “We additionally analyzed the standard-compliant implementation of PDF certification applications and found issues in 11 of them.”

Read more: PDF Feature ‘Certified’ Widely Vulnerable to Attack | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBOLite_2024.12.23.23
uBOLite_2024.12.23...harlan4096 — 10:29
You found a seed phrase from someone els...
Scammers have inve...harlan4096 — 09:58
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>