Zeus botnet is now using an unpatched flaw in Adobe’s PDF document format to infect users with malicious code. Zeus is the first major botnet to exploit a PDF’s /Launch feature, which is, strictly speaking, not a security vulnerability. Adobe has acknowledged the bug, but has not committed to producing a patch. The attacks come less than a week after other experts predicted that hackers would soon exploit the /Launch flaw in PDF documents to install malware on users’ computers. The attack technique may be new, but the behind-the-scenes malware and the gang that produces it is standard Zeus fare, an expert says.”]
Source: https://www.csoonline.com/article/2125073/zeus-botnet-exploits-unpatched-pdf-flaw.html