Comment on Doom is playable on PDFs (at least in Chromium-based browsers)
viking@infosec.pub 10 months agoYeah it does. Adobe has a lot of active script support, including java script for example, which can be exploited. If a software can’t interpret those scripts at all and simply displays plain text, that means malware won’t be executed.
And since Adobe Acrobat / Acrobat Reader are the most common pdf viewers out there, they are a natural target for hackers as well.
iAmTheTot@sh.itjust.works 10 months ago
Is Acrobat the only pdf reader with active script support? For example, do the common browsers which can also open pdfs not support the same things?
viking@infosec.pub 10 months ago
I genuinely don’t know, I have set my browser to download pdfs by default and only open them with Sumatra. There might be a scripting layer active in the browser as well though, quite possible.
iAmTheTot@sh.itjust.works 10 months ago
Then would you agree that it doesn’t have to do with Adobe Acrobat, as much at it does active script in PDFs and if the reader executes it?