Alternative PDF readers recommended for better security

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Adobe's Acrobat reader is the world's most established PDF reader. It's popularity has created a target for attack and malicious authors have been active in creating exploits. At RSA conference, alternative PDF readers were recommended to reduce PDF risks, as most of the current exploits are specifically written for Adobe.

As security can be improved through obsurity, vulnerabilities in other PDF readers might not explored as deeply. Adobe is frequently fixing these security holes. Users who prefer it should stay patched and use the latest version.

All users should avoid unusual PDFs and process them with up-to-date anti-virus software prior to opening them. Finally, use best practices and be careful with any PDF file you receive. If it's an unusual message containing a PDF attachment, always avoid opening it.

Article - Ditch Adobe Reader for Better Security
http://tech.yahoo.com/news/pcworld/20090421/tc_pcworld/ditchadobereaderforbettersecurity

QUOTE: The popular Adobe Reader is a favorite target of online crooks, according to Mikko Hypponen, chief research officer with antivirus company F-Secure. And for better security you should ditch Reader and go with a free alternative, he says.

Malware-pushing bad guys increasingly target Adobe Reader flaws, Hypponen says. In 2008, from Jan. 1 through April 16, F-Secure saw PDFs used in 128 dangerous drive-by attacks. This year, during the same time frame, the company has seen 2,305 drive-by's using PDFs. Such attacks go after a vulnerable Reader browser plugin, Hypponen says. Poisoned PDFs are also often used as part of a customized, targeted attack, he says, when they're sent to a specifically selected recipient attached to a well-crafted e-mail.

Hypponen didn't recommend any particular alternative program, but suggested heading to pdfreaders.org for a list of free apps. He did point out that at the time of IE 6's security infamy, many switched over to using Firefox. And as that browser gained significant market share, it also drew the hacker's eye. His hope, he says, is that people use a variety of alternate PDF readers and thereby fly under the bad guys' radar.

Posted: Apr 22 2009, 02:00 PM by Harry Waldron | with no comments

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.