Alternative PDF readers recommended for better security
Adobe's Acrobat reader is the world's most established PDF reader. It's popularity has created a target for attack and malicious authors have been active in creating exploits. At RSA conference, alternative PDF readers were recommended to reduce PDF risks, as most of the current exploits are specifically written for Adobe.
As security can be improved through obsurity, vulnerabilities in other PDF readers might not explored as deeply. Adobe is frequently fixing these security holes. Users who prefer it should stay patched and use the latest version.
All users should avoid unusual PDFs and process them with up-to-date anti-virus software prior to opening them. Finally, use best practices and be careful with any PDF file you receive. If it's an unusual message containing a PDF attachment, always avoid opening it.
Article - Ditch Adobe Reader for Better Security
QUOTE: The popular Adobe Reader is a favorite target of online crooks, according to Mikko Hypponen, chief research officer with antivirus company F-Secure. And for better security you should ditch Reader and go with a free alternative, he says.
Malware-pushing bad guys increasingly target Adobe Reader flaws, Hypponen says. In 2008, from Jan. 1 through April 16, F-Secure saw PDFs used in 128 dangerous drive-by attacks. This year, during the same time frame, the company has seen 2,305 drive-by's using PDFs. Such attacks go after a vulnerable Reader browser plugin, Hypponen says. Poisoned PDFs are also often used as part of a customized, targeted attack, he says, when they're sent to a specifically selected recipient attached to a well-crafted e-mail.
Hypponen didn't recommend any particular alternative program, but suggested heading to pdfreaders.org for a list of free apps. He did point out that at the time of IE 6's security infamy, many switched over to using Firefox. And as that browser gained significant market share, it also drew the hacker's eye. His hope, he says, is that people use a variety of alternate PDF readers and thereby fly under the bad guys' radar.