ScanSafe recently called out in its Annual Global Threat Report that malicious PDF files (often opened with PDF reader software) comprised 56 percent of Web-encountered hacker exploits in 1Q09, growing to 80 percent in 4Q09.
The security experts believe, "this trend is likely indicative of attackers' preference for PDF exploit, likely due to the increasing availability of vulnerabilities and the continued widespread use and acceptance of PDF files in the workplace."
The ScanSafe research follows a McAfee Labs report that predicted Adobe would overtake Microsoft as the primary target for hackers and virus writers in 2010.
There is a simple way to avoid these hazards -- do not install JavaScript processing with your PDF reader. You will loose a small amount of functionality, but it may be well worth it.
Unfortunately, this is something users cannot do with Adobe Reader. And that means hackers can potentially use the PDF JavaScript vulnerability to gain control of a user's computer - exposing users to system attacks and the transfer of personal information simply by viewing infected PDF files.
However, an answer to this troubling PDF security threat has hit the market - the free Nuance PDF Reader, which creates a safer PDF environment for the end user by allowing them to prevent JavaScript installation. This approach adds an additional safety net for IT professionals looking to safeguard their organizations.
We encourage you to download the free Nuance PDF Reader and share your experiences with us.
Recent Comments