The previously unknown dangers of PDF’s and what to do…


Here’s a really new one for you that, if not addressed, could be all but catastophic for you.

This new security issue can affect even Firefox users which means browsing security holes aren’t just for IE anymore.

So what is this insidious new problem?

Well, here’s where it gets kind of scary.

Apparently it is possible for executable javascript to be attached to PDF documents.

This means that spyware can quite easilly be spread to your machine when all you’ve done is open a PDF document.  The code will automatically activate and execute whatever it is the nasty author designed it to do (key logging, cookie value capture, etc.).

This is a serious problem which it seems can be corrected by installing the newest Adobe Acrobat Reader update.

That may seem fine, but the real problem is that many, if not most, people may never be made aware of this before it’s too late.  There are a tremendous number of users of the Acrobat Reader that never update their software and there are also some folks on older machines and operating systems who simply cannot update.

You can read more about this issue and see some examples of how it works (in theory) at O’Reilly and you can check out an ongoing discussion thread (there are links here to a number of discussions).

I urge you to use one of the links above and update to the newest Reader if you are able.

Just one more beautiful way our wonderful technology that we all love and count on so much can be a huge problem as well.

Onward & Upward!

Sam Knoll

Comments on The previously unknown dangers of PDF’s and what to do… Leave a Comment

January 10, 2007

davak @ 1:18 pm #

Thanks for the warning.

/updating now.

This is an interesting post, and a scary thought that PDF files could be carriers of malware. Your post prompted me to upgrade my Adobe Reader to ver 8. I also managed to make this my default reader (which took some digging) because I have Adobe Acrobat 6.0 Standard installed, and it has been the default since installation … which slows down the reading process quite a bit due to the time required for Acrobat to load.

However, my question now is whether Acrobat itself is subject to these potential malware intrusions. Upgrading this isn’t so trivial … it costs (real) money!

Any thoughts or info on this from anyone?


SamTheEagle @ 6:30 pm #


That is a VERY good question.

That sounds like a very good one to ask of Adobe.

I’ll see what I can get and post the results.

Thanks for sharing.

Sam Knoll

Leave a Comment

Fields marked by an asterisk (*) are required.

Filed under Blog, General Musings, Online Marketing by  #

Made with Semiologic Pro &bull