Security researchers have found a new malicious PDF that could be easily exploited by the Google Chrome zero-day flaw when victims using Chrome as a local PDF viewer.
Attackers are exploiting the Chrome zero-day vulnerability to track the users and collect the personal information of the users when they open this malicious PDF in chrome browser.
The security experts at EdgeSpot were the first one to spot a flaw in PDF when it is opened via Chrome browser locally, but it has no malicious activities when it opened popular Adobe Reader.
The engine detected as “POTENTIAL ZERO-DAY ATTACK (Google Chrome), PERSONAL INFORMATION LEAKAGE.
The researchers at Edgespot found that HTTP packet is collecting information of the user by the malicious sender:
- The public IP address of the user.
- OS, Chrome version etc (in HTTP POST header).
- The full path of the PDF file on a user’s computer (in HTTP POST payload).
The users are suggested to use alternative PDF reader application for viewing the PDF until the Chrome issue is fixed, or you can switch off the internet while using Chrome to view PDF documents.