A quick download, a couple of clicks, a naughty URL and you're in the business of crime
By Darren Pauli, 12 Jun 2014Attacking enterprises just got easier with the development of an idiot-friendly tool that spits out booby-trapped PDFs with a few clicks.
The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1.
Users can insert their own URL pointers into the program, which then spits out an exploited PDF. Microsoft's free anti-virus had blocked the attack (CVE-2010-0188) in a test and it was likely other platforms would raise flags too.
Full Article
Why make it easy for people to launch attacks? It is beyond me.