Researcher: Rogue PDFs account for 80 percent of all exploits

[angelfire]

*******
Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, a security firm announced that by its counting, malicious Reader documents made up 80 percent of all exploits at the end of 2009.

According to ScanSafe of San Bruno, Calif., vulnerabilities in Adobe’s Reader and Acrobat applications were the most frequently targeted of any software during 2009, with hackers’ PDF exploits growing throughout the year.

In the first quarter of 2009, malicious PDF files made up 56 percent of all exploits tracked by ScanSafe. That figure climbed above 60 percent in the second quarter, over 70 percent in the third and finished at 80 percent in the fourth quarter.

“PDF exploits are usually the first ones attempted by attackers,” said Mary Landesman, a ScanSafe senior security researcher, referring to the multi-exploit hammering that hackers typically give visitors to malicious Web sites. “Attackers are choosing PDFs for a reason. It’s not random. They’re establishing a preference for Reader exploits.”
*******

Read more: http://www.macworld.com/article/146474/2010/02/pdf_security.html?lsrc=rss_main

[justy]

those pdf's can be nasty buggers.

[swytch]

In this case, then, do you think its fair to say that "attackers" are focusing on a certain sterotype of users?  Many times I read of exploits targeting software companies but, I think in this instance, they are banking more on the "type" of users who might be frequently using PDFs and assuming they fall victim more often (which it appears statistics might prove valid).  Its not poor Adobe.. its poor Adobe's target market!   Interesting...

Anyone else's thoughts on this??



Swytch~~ 

[angelfire]

Hmmm... I'm leaning more towards it being due to the sheer size of Adobe's market, rather than to perceptions of the users themselves. The more users, the more end targets for the attacks. And it sounds like the Adobe software itself is becoming known to the hackers as having a lot of areas to exploit, so there's the double attraction of it being both vulnerable and widely used.

I Have Adobe Reader and use it occasionally for things that are only available in PDF. This news about it being unsafe has me unsettled -- having just gone through a nasty round with an infected laptop, I'm not up for a repeat any time soon. Are there better alternatives to Adobe, or maybe preemptive measures that can be taken when using it? (Come to think of it, Swytch, maybe you're on to something with it being the users themselves. If the majority are anything like me, they're clueless!! )

[swytch]

I haven't read into it enough to note whether the problem lies with specifically "adobe products" or if its the PDF technology itself.  A pretty good Adobe PDF alternative which I use frequently (because its free, faster and less of a process hog) is CutePDF.




Swytch~~