HomeWinBuzzer NewsIBM Security Expert: Microsoft Edge Browser Vulnerable to Drive-by-Attacks via Built-in PDF...

IBM Security Expert: Microsoft Edge Browser Vulnerable to Drive-by-Attacks via Built-in PDF Viewer


An IBM security researcher has discovered a major security flaw in ´s Edge browser.  Using drive-by-attack techniques attackers can execute malicious code in a similar way than how it´s usually done with malicious Flash, Java or Silverlight plugins.

The culprit of the security flaw is Windows 10´s built-in PDF Renderer library WinRT PDF which allows developers to easily integrate PDF viewing features inside their apps.

also uses WinRT PDF to offer a seamless PDF viewing experience like other browsers like Chrome and Mozilla Firefox.

According to Mark Vincent Yason, security researcher in IBM's X-Force Advanced Research team an attacker can contain a WinRT PDF exploit within a PDF file, which could be secretly opened using of screen iframes built with CSS.

In a drive-by-attack, the attacker could use any vulnerabilities in WinRT and not Edge itself to leverage and distribute his malware.

“A major factor that will affect when and how often we see in-the-wild for WinRT PDF vulnerabilities depends on how difficult it is to exploit them,” Mr. Yason explains.

He adds however that as Windows 10 implemented former EMET features like ASLR protection and Control Flow Guard, such exploits would be time consuming and therefore costly.

Mark Vincent Yason is scheduled to offer an in-depth presentation of this attack scenario at this year's RSA security conference in San Francisco.

SOURCE: Security Intelligence

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.

Recent News