Adobe's Portable Document Format (PDF) is the single most popular file format for sharing documents on the Internet. Supported by a free viewer (Adobe Reader) on all major computing platforms, it allows people to read faithfully rendered documents created in hundreds of programs (either natively or converted to PDF using Adobe Acrobat).
But it's very popularity and ubiquity is a challenge to security; allowing attackers to target a single program widely used on Macs, Windows PCs, and Linux systems. And the very flexibility that allows a PDF file to include everything from a complex presentation, to a government form, to a high-end catalog, creates a wide attack surface for criminals to take advantage of.
When it comes to security, 2010 has been a watershed year for Adobe. First the bad news: since January 2010, there have been around 60 vulnerabilities reported for Adobe Reader and Acrobat for Mac, nearly all of which are rated with a "high" severity, according to the National Vulnerability Database. Since the start of the year, Adobe issued eight separate security updates for the products, in some cases after the vulnerabilities were already being exploited by bad guys across the Internet.
More: http://www.pcworld.com/article/214372/
............................................................................................
But it's very popularity and ubiquity is a challenge to security; allowing attackers to target a single program widely used on Macs, Windows PCs, and Linux systems. And the very flexibility that allows a PDF file to include everything from a complex presentation, to a government form, to a high-end catalog, creates a wide attack surface for criminals to take advantage of.
When it comes to security, 2010 has been a watershed year for Adobe. First the bad news: since January 2010, there have been around 60 vulnerabilities reported for Adobe Reader and Acrobat for Mac, nearly all of which are rated with a "high" severity, according to the National Vulnerability Database. Since the start of the year, Adobe issued eight separate security updates for the products, in some cases after the vulnerabilities were already being exploited by bad guys across the Internet.
More: http://www.pcworld.com/article/214372/
