Google Chrome users who open local PDF files in it need to be more vigilant. The internet has information about the vulnerability that allows the attacker to use a PDF file to get some information about the victim. According to the tests, the vulnerability only applies to Chrome and does not occur when PDF files are opened in another application, for example Adobe Reader.
As the ZDNet service points out, such attacks have been registered for a long time, and the first series of applications reaches October 2017. The second increase in attacks was recorded in September 2018 – several PDFs were downloaded to the network, which exploited the vulnerability in Chrome.
As a result, attackers can capture data such as the public IP address of the user, the operating system version, or the full path of the started PDF file, and thus – the outline of the folder structure on the victim’s computer. This data can serve as a hint for further action and help attackers if they want to use other malware.
For technical details, read the EdgeSpot team blog, who discovered the vulnerability and investigated it. The problem has already been reported to Google and confirmed by the team responsible for the development of Chrome, but to issue an update you will have to wait a bit. It was announced that the patch will appear only in April.
The vigilance is the solution until April
Until the update is released, Chrome users must simply be more vigilant. The precaution accompanying the opening of attachments of suspicious e-mails should now also be used in the context of PDF files. The simplest solution may be to change the default program for displaying such documents, if it was previously Google Chrome.
To do this, in Windows you need to visit the application settings, then select the “Default applications” tab and then the “Choose default applications by file type” link. It may take a while to load the list. At the end, find the entry for PDF files and change the default startup program to non-Google Chrome.
It’s worth remembering that the issue of security in the context of the Google Chrome browser does not end with how to handle PDF files. Every day you should also watch out for dangerous extensions, which are still often found in the official store with extensions.