PDF Exploits On the Rise

An anonymous reader writes "According to the TrustedSource Blog, malware authors increasingly target PDF files as an infection vector. Keep your browser plugins updated. From the article: 'The Portable Document Format (PDF) is one of the file formats of choice commonly used in today's enterprises, since it's widely deployed across different operating systems. But on a down-side this format has also known vulnerabilites which are exploited in the wild. Secure Computing's Anti-Malware Research Labs spotted a new and yet unknown exploit toolkit which exclusively targets Adobe's PDF format.'"

Time for PDF Lite?

[davidwr]

Most PDF files have nothing more than text, vector graphics, and images in "read-only" formats. They don't have fill-in-the-blank fields or load-a-codec-and-play-a-video, or active content.

Web browsers need a "simple PDF" plugin that will activate on PDFs. If the "simple PDF" plugin loads a file with content it can't display, it will display what it can and give the user an opportunity to load the file in a full-fledged PDF plugin or external viewer.

Re:Good news cause PDF's should be shunned

[querist]

As a university professor, I actively encourage my students to use PDF files if possible. OS X and Linux come with PDF output, and I'm sure there's a way to do it in Windows without paying Adobe.

I also specifically PROHIBIT MS Office 2007/2008 .docx, .pptx, .xlsx, .xlwx, etc. formats. I'm not paying for an "upgrade" that completely changes the UI and introduces a new format without providing any real benefit to me.

Yes, I accept OpenOffice.org documents (as well as .dvi, .ps, and the formats from iWork)