Rogue PDFs Behind 80% of Exploits In Q4 '09

CWmike writes "Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, ScanSafe announced that by its counting, malicious Adobe Reader documents made up 80% of all exploits at the end of 2009. In the first quarter of 2009, malicious PDF files made up 56% of all exploits tracked by ScanSafe. That figure climbed above 60% in the second quarter, over 70% in the third and finished at 80% in the fourth quarter. Mary Landesman, a ScanSafe senior security researcher, said, 'Attackers are choosing PDFs for a reason. It's not random. They're establishing a preference for Reader exploits.' Exactly why hackers choose Adobe as their prime target is tougher to divine, however. 'Perhaps they are more successful,' she said. 'Or maybe it's because criminal attackers are human, too. We respond when we see a lot of people going after a particular product... We all want to go after that product, too. In the attacker arena, they might be thinking, 'Gee, all these reports of Adobe Reader zero-days, maybe I should get in on them too.'"

This will kill pdf

[dee.cz]

one already can't send pdf attachments or even links to pdf to customers without risk of mail being deleted or lost in spam folder.

Re:Me too? NOT

[Trepidity]

It is, simply, the best current trojan delivery vehicle. I send my CV in PDF format

That is also my reason for choosing this fine document format for my CV.

But does it run in Linux?

[mspohr]

I run Linux and Mac and people keep telling me that I am missing out on all this great software... so I want to know if I can run these neat new "Rogue PDFs".

Re:Which PDF viewer?

I have found the best solution is to contact the site owner and request they print out the PDF and snail mail it to you.