If you try to open a Word document beautified with uncommon fonts that aren't installed on your system Windows renders it using the closest fonts it can find. This lets you read the document, but it can wreak utter havoc on formatting. Text boxes don't line up, pages break at the wrong spot, figures get separated from their captions, and so on. The same disconnect can happen between the document viewed on-screen and the same document rendered by your printer. In the early 90s Adobe created its Portable Document Format (PDF) for the specific purpose of ensuring that documents look exactly the same no matter what devices are used to view or print them. So why are there so many exploits using the PDF format to attack computer systems? Because Adobe lost track of its mission, that's why.
Mikko Hypponen, Chief Research Officer at F-Secure Corporation, has been tracking the use of PDF files by malware coders, both as widespread threats and threats targeted for specific purposes. He pored through the huge specifications document for the PDF format and found features that you'd never dream were present.
Hypponen's blog post on the subject goes into detail; here are some of the highlights. PDFs can contain embedded videos, music, and 3D objects, with JavaScript for rendering. A form built into a PDF can send data to a remote server. The PDF format even includes an option to launch executable files. There's no way these features are necessary! As Hypponen says, "With specs like these, it's no wonder it takes ages for Adobe Reader to boot up and load all the plugins. It's no wonder there are regular security problems with PDF readers in general." To highlight the problem, researcher Didier Stevens recently created an alarming proof of concept PDF file that executes arbitrary code when you view it.
Adobe's been very successful promoting the PDF format—PDFs are everywhere. How can you protect yourself from their inherent vulnerabilities? Hypponen suggests you completely avoid opening PDFs on your local machine, instead viewing them through Google Docs. If you're using Chrome, Firefox, or Opera, you can install the gPDF plug-in to automate the process for web-based PDFs. For your local files, he suggests you "use a PDF reader that's as unpopular as possible. The fewer users a product has, the less attacks it will attract."
A better solution, though, would be for Adobe to go back to their roots and again provide a true, simple Portable Document Format. Get rid of the wacky added functions, or push them into a "PDF Plus" format. Make the default PDF a file format that displays correctly no matter what device we use to view or print the document. That's what we needed when Adobe devised the format almost 20 years ago, and that's what we need today.
