With the Edge of the user's attention! WinRT PDF the presence of vulnerabilities or hacking-vulnerability warning-the black bar safety net

2016-03-04T00:00:00
ID MYHACK58:62201672186
Type myhack58
Reporter 佚名
Modified 2016-03-04T00:00:00

Description

Use the Edge browser users to pay attention to the browser before the date is considered to exist a certain security risk, may be exploited by hackers jeopardize computer security.

IBM X-Force Advanced research team of security experts Mark Vincent Yason said, Win10 in the WinRT PDF the presence and the past few years has used Flash and Java similar web page hang horse attacks vulnerability.

WinRT PDF is Windows 1 0 the system's default PDF reader, if it as the Edge browser's default PDF reader, any embedded to the web page of the PDF document are able to be in this library open.

! Edge browser's default PDF-reading there web page hang horse risk of attack

Edge browser

If there is a hack via PDF file to use this WinRT PDF vulnerability, you can use the included CSS iframe positioning to secretly open a malicious program of the PDF file and execute a malicious program.

The current official Microsoft has not officially responded to this issue, since the WinRT PDF is already in the Windows Store on the frame of the widely used, so we still careful as well.