Slashdot Mirror
Adobe Flaw Heightens Risk of Malicious PDFs
snydeq writes "Security companies warn of a new flaw in version 9 of Adobe Reader and Acrobat that could compromise PCs merely by the opening of a malicious PDF. Although attacks are not yet widespread, hackers are exploiting the flaw in the wild, gaining control of computers via buffer overflow conditions triggered by the opening of specially crafted PDFs." Adobe is calling the flaw "critical" and says a patch for Reader 9 and Acrobat 9 will be released by March 11.
And why exactly does Adobe Reader run with full permissions to all the user's files? Surely by now Adobe would have learned to run it in a sandbox. For example, the code that reads and renders the PDF could run in a separate process (a la IE8 or Google Chrome) and just send image data back to the main window.
More generally, the OS needs to make it completely easy to sandbox applications, so even the stupidest application developer can do it with little effort. Indeed, the default should be that it has no access to write files anywhere except those chosen by the user with the Save As box. I'm not holding my breath though...
-- Ed Avis ed@membled.com
Today is February 20. This is listed as a critical flaw and they are taking 18 days to release a patch. I'm glad they're getting right on this.
PDF has become what it set out to be, the de facto truly portable document format.
The problem is acrobat keeps larding in new features all the time to the point where in a corprorate environment you get more and more pdfs that require acrobat to even see.
it's an embrace and extend approach.
the problem here is the problem microsoft occasionally runs into-- if you monocrop then their is huge exposure to the possibility that viruses can spread like wild fire.
But with microsoft we were always in that boat from the first day they introduced it. microsoft docs always went hand in hand with the application software environment creating a stable ecosystem for any potential virus. (I use the term virus liberally)
with pdf this was not the case. Pdf is a format. there are many readers.
but adobe's constant racheting of add ons is threatening this.
Some drink at the fountain of knowledge. Others just gargle.
Disclaimer, this is an observation, but may seem a bit of a troll...
Once again we see market dominance and poor attention to security collide.
What makes this story interesting is the 'features' Adobe leaves enabled in PDF document features that even Microsoft knows better than to allow.
This creates the interesting aspect of Adobe losing touch and Microsoft actually getting it for once.
If you look at the MS XAML (XPS) document/display formats that compete directly with PDF, Microsoft got it right.
1) Less vulnerbilities - the lack of internal to external scripting of XAML and the sandbox nature of the XAML display and print formats dual sandbox the content inside a managed code environment.
2) XPS is void of scripting which more closely compares to PDF documents.
3) For print industry and press people, XPS/XAML is still turning heads even as new as it is compared to Postscript/PDF. This is not only in consistent print abilities, but speed as well.
4) Add all these together and then realize XAML/XPS can inherently draw and reproduce graphics that are outside the abilities of PDF and Adobe begins to have a reputation problem with companies like agfa, xerox, vari, etc.
(Yes PDF can display anything, but most advanced drawn graphics have to be rasterized because the language cannot inherently draw them. - This also increases the storage sizes and the processing times of high speed printers and presses.)
*A side note, because of OS X's dependence on Display PDF, it also has the same inherent drawing limitations when dealing with advanced graphics. Forcing applications to hack through the native drawing abilities of OS X, and in contrast developers on the Vista Windows side of the market are finding they no longer have to deal with limitations of GDI+ which is comparative to Display PDF on OS X.