PDF Readers Continue Being Increasingly Exploited

Security researchers at security firm McAfee Labs discovered that exploits of Adobe's PDF format increased tremendously in 2009 and are continuously surging in 2010.

According to the security firm, with the growing popularity of free PDF readers, malware exploiting the vulnerabilities in the software has also increased.

McAfee Labs' security strategist Toralv Dirro said that there has been radical surge in the volume of malware created to abuse the security flaws in PDF readers over the recent years, as per the news published by techday.co.nz on April 30, 2010.

According to reports, only 2% of all malware containing a vulnerability exploit targeted an Acrobat or Adobe Reader bug in 2007 and 2008. But the figure climbed up to 17% in 2009 and to a striking 28% in the first quarter of 2010.

Dirro stated that PDF flaws have proved increasingly useful to the attackers in the past three years for a few basic reasons, reported ComputerWorld on April 29, 2010. First and the most important reason is that it is becoming increasingly hard for them to discover fresh vulnerabilities within the browsers and with the operating systems which could be exploited across different Windows' versions. Secondly, Reader is a commonly deployed application that facilitates files to be opened or accessed within browser.

Among the other factors contributing to the exponential increase in PDF exploits are the belief of the user that it is safe to open PDFs (atleast safer than opening MS-Office documents) and the age of the Adobe's PDF code, Dirro added. Most of the PDF code was written several years ago and attackers are discovering such security flaws in the software which had never been thought at that time. This makes it increasingly difficult to patch the vulnerabilities in the Reader.

Meanwhile, McAfee is not the lone security firm to report a surge in PDF exploits. Earlier in March 2010, F-Secure revealed that out of around 900 targeted attacks it tracked during January-February 2010, 61% exploited a vulnerability in Reader. Recently, Microsoft also noted that 46% of browser-based exploits during July-December 2009 targeted flaws in free Adobe Reader.

Related article: PDF flaw gets fixed with Adobe patch

» SPAMfighter News - 5/11/2010