Adobe’s PDFs Make Up 80% of All Internet Exploits in 2009
We knew before that Adobe was a huge target for hackers, but recent findings show just how bad the programs’ security really is. Out of all Internet exploits and attacks of 2009, 80% have been done by infecting Adobe’s PDF and Flash files.
According to ScanSafe, the California company that carried out this research, vulnerabilities in Adobe Reader and Adobe Acrobat made it the most-exploited software in 2009, growing from 56% in in the first quarter of 2009, to 80% in the fourth quarter of 2009. These finding warn users to try to avoid PDF files and try to switch to other formats until Adobe fixes their security issues.
“I think organizations should avoid Adobe if possible. Adobe security appears to be out of control, and using their products seems to put your organization at risk. Try to minimize your attack surface. Limit the use of Adobe products where you can,” says Stephen Northcutt, president of the SANS Technology Institute.
The best way to combat this problem is to make sure your computer’s security software is up to date and to be careful when opening attachments in the form of PDFs without knowing exactly who they’re coming from.
(Via Tech.Icrontic)
In light of further Adobe security concerns, where many businesses and consumers are now questioning the real capabilities and the value for money of their document creation software; it’s important that people are aware of how to protect their PDFs.
Here are some top tips on PDF security by Global Graphics [url]http://bit.ly/GlobalGraphicssecurity[/url] :
1. Keep your PDF software and virus software updated by visiting your providers' website
2. Don’t open PDFs from people you don’t know, no matter how tempting the title!
3. Keep an eye out for any PDF security advice coming out from the likes of SANS
4. Be wary of PDF software that has had security scares or is targeted by hackers. There are alternatives.
5. If you do use free PDF software from smaller providers, make sure you know they have strong support services