Sister CISA CISSP

Apr 15 2010   6:49PM GMT

Adobe Reader at the Forefront of Malware Delivery

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

Statistics from a new study by F-Secure indicate that Adobe Reader has surpassed Microsoft Office products as a vector for malware delivery 2009.

F-Secure has also pointed out that you can embed movies and songs, JavaScript, and forms that upload data a user inputs to a web server from within PDFs. And let’s not forget how there are functions within a PDF to launch executables and/or connect to a website.

Another researcher, Didier Stevens, has determined how to launch from a PDF, and demonstrated it with videos of the process, found here.

Adobe has been getting a lot of heat from the malware research community about their lagging efforts to patch the Reader, and other Adobe products, such as Flash. They are being compared to where Microsoft was eight years ago, when their security responses and their understanding of secure code development was hopelessly inadequate.

Microsoft has turned it around (mostly), and Adobe could benefit by following their example. There are a growing number of recommendations to eliminate Adobe as a Reader. Given that 48% of malware attacks came attached to PDFs, they could see their customer base shrink drastically.

At this rate of risk, halting incoming PDFs at the email server may be a prudent action. I’d do it.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: