Site icon The Mac Security Blog

PDFs Are More Dangerous than Previously Thought

In a recent presentation to the Chaos Communication Congress in Berlin, security researcher Julia Wolf highlighted a number of “features” of the PDF format that could lead to serious security issues. Wolf showed that a PDF could contain a database scanner that could “scan a network when the document is printed on a network printer,” and that PDFs could “blindly trigger the execution of arbitrary programs in Acrobat Reader.” PDFs also support “inherently insecure script languages such as JavaScript, formats such as XML, RFID tags and digital rights management (DRM) technologies.”

In addition, PDFs are such that data can be hidden in many places within files. Document and metadata can be read and modified using Javascript, and compressed files, such as ZIP files, could be incorporated inside PDFs. In short, the PDF format, designed to retain layout across platforms, has been turned into a kitchen-sink format that does far too much, and this overloading of features leads to potential security issues.

Adobe plans to use sandboxing in the next version of its Reader and Acrobat software, but it’s not clear whether this will be enough to mitigate some of the possible exploits that can be used in PDFs.

So, once again, we strongly recommend that Mac users use Preview to view PDFs, unless they absolutely need features present in Adobe’s software.

Share this: