Threat of the month: PDF/Acrobat vulnerabilities

June 5, 2009

PDF/Acrobat vulnerabilities
What is it?
Adobe PDF is the Portable Document Format, a cross platform way to share documents. The most popular viewer for such documents is Adobe's Acrobat Reader. Multiple exploits have been found.
 
How does it work?
Acrobat and PDF viewers are popular and are installed by default on many PCs as a browser plug-in. PDF exploits usually take advantage of extended features in PDF documents to deliver the exploit.
 
Should I be worried?
Yes, exploit kits are widely available. New vulnerabilities are found regularly and exploited quickly. New zero-day exploits are also popular against business and government clients.
 
How can I prevent it?
Stay updated with anti-virus products. If possible disable JavaScript in the Acrobat Reader configuration to disable common exploit delivery mechanisms. If possible, unload the PDF browser plugin, as well. All of these steps will reduce the attack surface, but not eliminate it completely.

 

prestitial ad