Are malicious PDF files society’s greatest menace?
…okay, maybe we’re being a little harsh there.
But a recent ScanSafe report indicates that malicious PDF files accounted for 80% of all web-encountered exploits in 2009. Flash exploits, on the other hand, dropped from 40% of all exploits in 1Q09 to 18% in 4Q09.
(By comparison, web-encountered exploits in Word and Excel comprised less than 1% of all detected exploits for the year).
It’s an interesting change-of-scene. In response to these perceived security flaws, some are recommending avoiding Adobe products altogether – which would make sense, except that more than 90% of internet-enabled PCs have Acrobat installed (and more than 99% of them have Flash).
But as Dancho Danchev at ZDNet points out, the increased number of exploits may be owing to the number of outdated Adobe products in use. As mentioned in his article, if 83% of those PC users with Acrobat installed haven’t installed the latest security patch, they may as well paint a big target on their backs.
Given the widespread use of Adobe products, avoiding Acrobat and Flash isn’t really a viable answer for most small businesses and individuals. Like most things in internet security, you can do a lot to protect yourself by just being a little more proactive. Keep your Adobe products updated. Treat any downloaded PDF files with the same caution you would use when opening an executable file. And if you’re really worried, disabling the use of javascript in Acrobat Reader and avoiding the use of browser plug-ins will give you an extra layer of protection.
(And in case you’re wondering, you can download the original ScanSafe report here. Yes, we’re well aware of the irony that it’s delivered as a PDF.)
Kipp Chambers
Sr. Internet Marketing Specialist
Related posts:
Tags: adobe, internet security, it security, malware
How to Clean Your Internet Explorer Cache 
Researching Businesses Online 
What is Your Domain Name, Where does it Live, and When Does it Expire?
Must Have Apps for the Android Platform: Part 2