[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Millions of PDF invisibly embedded with your internal disk paths

Ian Bradshaw wrote:

> This isn't a security issue its a privacy issue.

If the leaked, embedded paths can be things like UNCs or IP-based 
internal server addresses, it is arguably a bit more than a privacy 
issue, allowing silent, external, partial mapping of the corporate 

Not good if your organization is in the habit of making lots of PDFs 
more or less publicly available from many departments, etc...

Definitely something the security team should be aware of and 
(probably) making sure there are policies, and as necessary, 
amelioration tools and processes, to handle such.


Nick FitzGerald