PDFs are safe, right? Not anymore
July 27, 2010 by Steve HannafordPosted in: In this week's e-newsletter, Latest News & Views, Security
There’s something about PDF files that makes users think they’re safe to open. And that’s exactly why they’ve become one of the preferred malware delivery vehicles for hackers.
That’s the warning from Appligent Software CEO Duff Johnson, one of the experts on the file format and document management.
The worst thing is that most users and IT staff treat PDF files as somehow different from other files. Although they’re the most commonly used format for archiving and file sharing, PDF files are as capable of being corrupted with malware as damaging as found in the most pernicious spam or corrupt Office file.
This didn’t use to be the case, notes Johnson, but over the last few years, hackers have turned their attention to this widely used and seemingly safe format. He links to an IBM Threat Report that documents this growing problem.
According to some research, PDFs represent the biggest malware threat companies face right now. For example, a report by security firm ScanSafe found that in the fourth quarter of 2009, 80% of all exploits targeted flaws in Adobe’s PDF software. At the time, those flaws were getting a lot of attention, leading hackers to put more effort into exploiting them.
And earlier this year, we reported on another attack that didn’t make use of a security bug, but rather exploited PDF documents’ ability to run embedded executable files.
PDF attacks usually occur when users are tricked into opening a file, often one that uses embedded JavaScript or Flash content that interacts with a remote server.
Key steps for companies:
- IT departments have to get up to speed on the latest PDF threats, just as they keep current on e-mail threats.
- End users should learn to treat PDF files the same as any file — don’t open it if you are unsure of its origin.
- Update PostScript viewing software (generally Adobe Viewer) as soon as it is released — Adobe is constantly working on responding to the latest threats.
- Consider using alternative PDF viewers that are less common than Adobe, and therefore may be less susceptible to attacks.
- You may want to consider disabling Flash and JavaScript in your PDF readers. At least one major company surveyed said that they only permit JavaScript as an exception.
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: Appligent Software, Duff Johnson, malware, PDF
Loading ...
July 21st, 2010 at 9:29 am
Why are people spreading such fear? What is the matter with creating PDF files that only contain formatted text and static image files? Why must everything be everything to everybody? Why can’t we have a simple solution in the public domain that does one thing efficiently? Then we wouldn’t have to worry about the latest security threat on the horizon.