Why does Google Chrome all of a sudden say that PDF downloads may harm your computer?

3

Possible Duplicate:
Are .docx or .pdf files potentially dangerous?

Google Chrome just came out with an update (new version) and now it tells me that PDF downloads may harm my computer.

What can the PDF file do that is dangerous?

Bryan Field

Posted 2010-12-10T14:14:27.800

Reputation: 487

Question was closed 2010-12-12T23:34:49.783

I'm quite sure it doesn't suddenly tell you this. However, it's probably warning you about some specific websites? – Arjan – 2010-12-10T15:57:27.670

Related: Are PDF files potentially dangerous?

– Sathyajith Bhat – 2010-12-10T16:18:17.067

Arjan: Google Chrome just came out with an update (new version) and now it tells me this. I expect it is not site specific. – Bryan Field – 2010-12-10T16:47:00.533

Okay, so then it's not "all of a sudden" at all! – Arjan – 2010-12-11T12:45:05.307

You may be interested to know that the Chrome beta has an integrated PDF viewer. It's pretty nice! – Fake Name – 2010-12-11T13:03:49.573

You may be interested to know that the update has that viewer - it is out of beta now. One of my coworkers has PDFs on the hard disk open with Chrome instead of Adobe Reader (not just the PDFs on the web). – Bryan Field – 2010-12-11T15:12:46.740

Answers

4

Aside from Acrobat Reader being one of the most favored attack vectors, it can have embedded JS, embedded executables, embedded video, has had many codec problems that allowed buffer overflows, currently opts out of security features offered by host OSes (DEP and/or ASLR), and lets individuals hit Flash without going through a browser (which means you think you're downloading a PDF and you get Flash active content, a bad practice).

RobotHumans

Posted 2010-12-10T14:14:27.800

Reputation: 5 758

Note: there is talk that it will soon take part in host OS security features – RobotHumans – 2010-12-10T14:29:45.930

0

They've always been potentially harmful, and in the past few months they've been very harmful. Part of the new notification may be that Google Chrome now has ways of protecting you by showing the PDF inline with Chrome, which has some isolation protection (called sandboxing). Maybe now that they can do something about it, they'll tell you.

PDF files are complex, which means you need to write complex code to show them. If code has bugs, it may be used to take over a computer. Complex code has much more chance to have these bugs. Acrobat is very complex and has these bugs. Acrobat Reader also allows JavaScript, a programming language. If you don't isolate the language well, it can do bad things. Acrobat has had problems with the isolation recently.

Rich Homolka

Posted 2010-12-10T14:14:27.800

Reputation: 27 121

0

See Symantec's The Rise of PDF Malware, by Karthik Selvaraj and Nino Fred Gutierrez.

Surprise, it's a PDF file!

We have seen an ever increasing use of PDFs for malicious purposes over the past two years. [...] In this whitepaper, we discuss the current PDF threat landscape, some current vulnerabilities being exploited in PDF documents, and various methods used by the malware authors.

http://www.symantec.com/connect/blogs/rise-pdf-malware

The Chrome change went in with Revision 63158; if you look at the diff, you'll see quite a few other file types, which you might not use as often as PDFs, were also added.

medina

Posted 2010-12-10T14:14:27.800

Reputation: 105