The "code execution" in PDF parsing is what enabled this legendary zero-click, z... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mizzao 7 months ago \| parent \| context \| favorite \| on: Show HN: Tetris in a PDF The "code execution" in PDF parsing is what enabled this legendary zero-click, zero-day exploit of iOS devices: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-i...

kccqzy 7 months ago [–]

That exploit is indeed legendary but the code execution involved is not JavaScript. In fact the iOS PDF renderer does not have JavaScript enabled.

saagarjha 7 months ago | [–]

Obviously a skill issue; a true hacker would re-enable it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact