Because PDFs have so many "features," hackers have learned how to hide attacks deep under the surface.
PDFs are widely used business file format, which makes them a common target for malware attacks. It's one thing to read about malicious PDFs, but quite another to see one up close and personal. The author, a security researcher, offered a step by step dissection of a malicious PDF file. This was illustrated last month in an article, Anatomy of a PDF Hack, by Tomer Bitton. Without question, if someone emails you a PDF file, opening it in the Adobe Reader is a Defensive Computing mistake. But, fairness is not my priority, Defensive Computing is.Īnd, the Adobe Reader has a third strike against it: a long history of security vulnerabilities.
This is not fair to Adobe any more than avoiding Internet Explorer is fair to Microsoft. You are therefore, safer as a lesser target. For example, the Adobe Reader includes Flash, an accident waiting to happen if there ever was one.Īny popular application is always going to be targeted by bad guys as it offers the most bang for the buck. The more code, the larger the attack surface. It's a huge download because it has every feature ever invented. The epitome of bloated popular software is probably the Adobe PDF Reader.
0 kommentar(er)
