Kaspersky Lab’s report also showed that of the top ten software vulnerabilities identified on most infected users come from Adobe products including Adobe Reader and Adobe Acrobat both accessing files in PDF formats.

News source: http://www.abs-cbnnews.com/lifestyle/gadgets-tech/06/12/10/adobe-hackers-favorite-1st-quarter-2010

To view the complete Kaspersky Lab Report, go to http://www.securelist.com/en/.

Post from: 4x PDF Blog

Adobe on top of the list of virus attackers favorite in Q1 2010

No related posts.

The attackers could exploit the latest bug to hijack the targeted computer through the compromised “authplay.dll” file packaged with every installation of Reader and Acrobat. The temporary fix is to rename or delete this file and it will work for Reader and Acrobat but this temporary fix does not work for Flash Player causing it to crash.

Adobe will patch this critical bug for Flash Player but the fix for Reader andAcrobat will be bundled with the impending patch which was earlier scheduled for 13th July. This previously planned patch will now be brought forward to 29th June to include the fix for the latest bug.

Read more details on http://www.computerworld.com/s/article/9177811/Adobe_delays_Reader_patch_as_attacks_spread_exploit_code_goes_public?taxonomyId=82

Post from: 4x PDF Blog

Adobe delays security patches for Reader and Acrobat

No related posts.

As part of this agreement, Adobe will transition development and support of its 3D SDK and related technologies, associated employees and other related resources to Tech Soft 3D. Adobe will continue to support 3D data within its applicable products, including Adobe Reader software. Tech Soft 3D will continue to develop latest CAD translators and provide it to end users as plug-ins for Adobe software for reading and producing output in 3D PDF.

Adobe’s 3D SDK consists of 3D CAD translation suite and Software development kit for PDF publishing. Adobe 3D SDK enables OEM development teams to create applications that access data from around 25 commonly used 3D file formats and translate the content into 3D PDF files based on industry-accepted standards such as PRC and U3D formats.

On completion of this transaction, Tech Soft 3D will continue to update, enhance and support 3D technologies from its development center in Lyon, France. Tech Soft 3D also plans to repackage the 3D SDK and PRC Publisher into a pure library form for easier integration with other products and applications.

The press release appeared at http://www.marketwatch.com/story/tech-soft-3d-reaches-agreement-with-adobe-to-develop-adobe-3d-sdk-technology-2010-05-24?reflink=MW_news_stmp

Post from: 4x PDF Blog

Tech Soft 3D signs agreement with Adobe to develop and distribute 3D SDK

No related posts.

Adobe Reader for Android offers various features such as multi-touch navigation functions such as pinch-and-zoom and double-tap-zoom, flick-scrolling and panning. It also features ”reflow” mode which automatically wraps the content of text-heavy documents with wide margins for easy viewing on smaller screens of handheld devices.

Adobe Reader for Android is now available for free from Adobe. Adobe has also published a FAQ on Adobe Reader for Android which can be accessed at http://www.adobe.com/products/reader/pdfs/android_FAQ.pdf

The minimal system requirements for Adobe Reader are

• Android v2.1
• 550MHz processor
• 256MB RAM
• 4.3MB available disk space

Steve Gottwals also listed the Android devices that have been tested for Adobe Reader and are supported. These devices include Motorola Droid, Motorola Milestone and Google Nexus.

The news appeared on the Adobe Reader Blog at http://blogs.adobe.com/adobereader/2010/05/introducing_adobe_reader_for_a.html

Post from: 4x PDF Blog

Adobe Reader now available for Android

No related posts.

The key difference between Adobe’s existing and new update technology is that the latter would update the software in the background without additional notification or permission from the user. The existing update technology alerts the users on the availability of patches but leaves it to the discretion of users to install the patches. Hence, the new update technology would ensure that more and more users are fully-patched and covered for any known PDF vulnerabilities.

Adobe also intends to reduce the interval between regular updates from seven days to three days.

Adobe has recently been swarmed with numerous vulnerabilities and attacks on PDF documents. As per one of the studies, PDF vulnerabilities were responsible for nearly 80% of exploits in 2009.

The news appeared at http://www.computerworld.com/s/article/9175043/Adobe_to_switch_on_silent_PDF_updates_for_Reader_Acrobat

Post from: 4x PDF Blog

Adobe to enable silent PDF updates for Reader and Acrobat

No related posts.

The workaround was posted on a blog by Adobe’s Product Manager, Steve Gottwals and Steve suggests to alter a Registry settings on Windows or grey-out a PDF preference which would stop users from turning on or launching the embedded content. The change in settings could be done by the System administrators.

In the meantime, Adobe is evaluating the best-suited way forward to push such workarounds through the Product updates.

Read Adobe’s blog on this workaround at http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html

The news appeared at http://www.zdnet.co.uk/news/security-threats/2010/04/08/adobe-offers-workaround-for-pdf-risk-40088569/?s_cid=938

Post from: 4x PDF Blog

Adobe proposes workaround to avoid PDF hacks

No related posts.

Conway’s proof of concept does by by showing two files: 1) an “empty.pdf” file, and 2) an evil “ownit.pdf” which contains the malware. When he opens the “ownit.pdf” file, he then clicks “Open” on the displayed dialog, after which the original “empty.pdf” file now also contain the malware.

You can see the Conway’s video here

Note: two things;  according to Stevens and Conway, this does weakness is based around the PDF specification itself not the Adobe Reader; the attack itself requires the user to click through a dialog — as such, a form of ‘social engineering’ would be required by the attacker, i.e. the message displayed to the user would have to make clicking ‘open’ a reasonable thing to do — certainly something like ‘would you like a worm?’ — wouldn’t be such a note…

An Adobe spokeswoman replied Monday night to both Stevens and Conway’s posts with: “Users can also turn off this functionality in the Adobe Reader and Adobe Acrobat Preferences by selecting > Edit > Preferences > Categories > Trust Manager > PDF File Attachments and clearing the box ‘Allow opening of non-PDF file attachments with external applications.’”

At the moment, the Foxit Reader does not display any such dialog to the user although the Foxit team say that they are working on this process.

Source of Information [http://news.cnet.com/8301-27080_3-20001792-245.html]

Post from: 4x PDF Blog

Watch out for the wriggling PDF worm!

No related posts.

Didier Stevens created PoC PDFs for tests on Adobe Reader 9.3.1 and Foxit Reader on Windows XP SP3 and Windows 7. Didier Stevens explains that when executing PoC PDFs on Adobe Reader, the Reader displays a warning message to the user for an approval to launch the executable which can also be manipulated from displaying. While the Foxit Reader does not even display any warning or message and is worst of the two Readers.

Didier Stevens has shared his PoC PDFs with Adobe PSIRT for a possible fix to avoid such manipulation of PDF files.

Read Didier Stevens’ entire PoC exercise on his blog at http://blog.didierstevens.com/2010/03/29/escape-from-pdf/

Post from: 4x PDF Blog

Security expert finds a way to exploit PDF without a vulnerability

No related posts.

FULL DISCLOSURE: While I am an occasional consultant to Adobe Systems (among others), this review is objective.

Cutting through the Bloatware Bloviation

Almost every review of PDF software (some examples here, here and here) starts or ends with the complaint that Adobe’s Reader is bloated “for some unknown reason.” As such, it is claimed, a need for alternative “lightweight” free PDF viewing software was born.

Bloat implies “unnecessary weight”. Adobe’s Reader weighs in at 182 MB installed because (a) it’s built to handle as many of the poorly constructed PDF files in the world as possible, and (b) it’s got lots of hidden functionality.

Why poorly-constructed PDFs exist at all is another question (we’ll talk about it some other time), but the fact remains: there are lots of malformed PDFs out there.

If you are counting installer or installed megabytes (who still does this?) there are definitely smaller competitors, but they can’t open all the bad PDFs that Adobe Reader can handle.

In the last five years, download size and disc space required has lost almost all significance when it comes to choosing software. If you can’t stand the wait for a 26 MB download vs 6 or 16 MB, I’m confident that you represent a vanishingly small proportion of real world users. We’re not talking about hundreds of megabytes here. Most users can manage a DSL connection or better as often as they need to install software.

Let’s agree to call something “bloated” if we know there’s no reason for the size and/or if the size creates a problem. Otherwise, let’s get back to performance, which is far, far more interesting than megabytes.

Is my software properly caffeinated?

The second common complaint is that Adobe Reader is “slow”. A while ago, we performed a casual comparison of Adobe Reader with Preview [link to Talking PDF at Appligent.com] in Mac OS X, and determined that in at least that one specific instance, Reader was a little faster.

Now we’re back to look at PDF Readers for Windows, and this time, we’re looking for more information.

The PDF Reader Review

I chose 3 free PDF desktop viewers for Windows in addition to Adobe’s Reader for this review. All tests were performed under Windows XP (itself running under VMware, if you must know).

Rather than focus on marquee features or each company’s claims, I chose to evaluate real-world performance in key government and business functions to see whether or not these applications were ready for prime-time.

What “prime time” means when it comes to choosing a PDF viewer

If you claim to be an “Adobe Reader replacement”, you better be ready to play in Adobe Reader’s league, which means far more than the ability to display and print PDF files.  Everyone recognizes this, which is why all these free Readers are larded up with additional, non-Reader features.

Specifics about the tests conducted are provided below the table.

~#~ For the full review including Nuance’s PDF Reader, see the article on Appligent Document Solutions’ site.

Review Notes

Linearized PDF (Fast Web View)

Many (if not most) PDF files posted to websites are linearized – what Adobe calls “Fast Web View”.  You can (and should) linearize your own PDFs before posting (in Acrobat, it’s a “Save As”).  To check a PDF to see if it’s linearized, look in the “Description” tab in the file’s Properties (File -> Properties menu, or Control-D).

When a linearized PDF file is downloaded from a server that supports the technology (the vast majority), the result is a file that displays onscreen as soon as the first page has arrived while the rest of the file continues to download in the background.

Applications that support linearized PDF can therefore display large (even massive) PDF files far faster than applications which force the user to download the entire file prior to displaying it.  Here’s a linearized PDF you can try in your browser.

Certified Documents

We attempted to open this PDF file (the US Budget for 2011, 7.7 MB), then noted the differences in behavior between each viewer.

“All Functions” means that the viewer displayed the Certificate noting its status and provided a means to validate the certificate.

“Ignored” means that the viewer appeared unaware that the PDF has been certified

“Status Only” means that the viewer, although aware that the PDF was certified, offered no means of validating the certificate.

“Error” means that the viewer behaved in an invalid manner.  In this case, the viewer incorrectly stated that a valid certificate was invalid.

Open Options

Not all viewers respect the Open Options settings in PDF files with respect to the display of bookmarks, thumbnails and other open-file options.

A PDF viewer must be able to display bookmarks or thumbnails as the document’s author intended. These are vital usability features for longer documents, and other file option options (zoom level, for example) are important as well.

Only Bookmarks and Thumbnails open options were tested for this review.

Annotations

The test file [from Talking PDF at Appligent.com] is a simple PDF that includes one example of each type of standard PDF annotation.

While there are many powerful annotation features in Acrobat and Adobe Reader, a PDF viewer, minimally, must be able to properly display standard annotations added by other software.

Speed Tests

The same 1018 page file (a version of the US House’s Health Care Reform legislation) was used for the speed tests.

The cold start speed was a single trial following a system restart. Warm start speed was an average of 3 trials, while the open file speed (ie, the application was already running) was an average of 4 trials. The timekeeping was manual; your mileage may vary.

The “giant file” used for the “open giant file” test was a 306.7 MB, 1,010 page PDF. For obvious reasons, I’m NOT posting it – you’ll just have to trust me. Each application was started before the file was loaded.

Form Tests

We attempted to open a few of our customer’s forms with each viewer and noted the results.

“Simple” forms included basic calculations and validation only.

“Complex” forms included field-properties formatting and other advanced Acrobat JavaScript methods and techniques.

In addition, a fairly simple XFA form was tested. No function was expected on this form using the non-Adobe viewers.

** – Foxit failed the “simple” and “complex” tests because the application displayed check-boxes and other form-fields incorrectly (it filled checkboxes with solid color instead of a check-mark, for example).

Support for PDF/A

The archive subset of PDF is ISO 19005, better known as PDF/A, is the standard for long-term preservation of electronic documents.

Published in 2005, PDF/A is now being adopted by governments, courts and businesses around the world.

PDF/A includes “conforming viewer” requirements. In this review, however, only one viewer appeared to notice when a PDF/A file was opened. Here’s a good explanation of what it means to be a conforming PDF/A viewer.

Installer and Installed Size

You read the review, you be the judge. Does size really matter?

Post from: 4x PDF Blog

Four Free PDF Readers Reviewed

No related posts.

Adobe has recommended its users to update their current version of software to 9.3.1 and for the users who cannot update to 9.3.1, Adobe has provided them with version 8.2.1. The Adobe users can check the security bulletin and the procedure to update the software at http://www.adobe.com/support/security/bulletins/apsb10-07.html

Post from: 4x PDF Blog

Adobe releases critical Security updates for Adobe Reader and Acrobat

No related posts.

According to Sans Internet Storm Center analyst Bojan Zdrnja, there is evidence of a high level of skill in recently analysed Adobe Reader exploit code. “If we are to judge the new year by the sophistication the attackers have started using, it does not look too good,” he wrote in a blog post.

Bojan also says that the large cross-platform base of users — many of whom are business based, makes it an attractive target for hackers.

Post from: 4x PDF Blog

IT managers should watch PDF and Adobe Reader’s software closely in 2010

No related posts.

But it’s not the concept of PDF Portfolio’s that troubles them per se, but rather the fact that in certain bleeding-edge PDFs, Adobe include a warning message that tells you to download the latest version of Adobe Acrobat or Adobe Reader if you want to view the PDF in question. No ifs, buts or maybes — if you want to view this PDF, then you’ll need to use Adobe’s software.

The reason for this, according to Adobe’s Leonard Rosenthol is that:

Apple’s Preview application doesn’t even support the complete PDF 1.4 specification, let alone the current ISO 32000-1 standard. Nor, unfortunately, do most other 3rd party vendors. That is why we (Adobe) are unfortunately forced to put such notices/warnings in PDFs files that use “more advanced” features of PDF so that users get SOME experience rather than blank pages…

His response sounds reasonable on the surface, but it raises a few other important questions.

• these PDFs can’t be opened by any none-Adobe software, it doesn’t matter if the PDF reader supports the relevant advanced PDF feature or not. Why doesn’t Adobe recommend other 3rd party software along side their own?
• should Adobe be encouraging the use of advanced PDF features, for widely distributed PDFs, before these advanced features have been implemented by the majority of other PDF software vendors?
• a document that can only be opened by Adobe software, isn’t really portable, is it?
• are PDFs simply becoming too complex? Perhaps there is a reason why the majority of PDF software vendors do not support certain advanced PDF features.

These questions will likely be quickly dismissed by Adobe, but there’s little doubt in my mind that a philosophical discussion about the future of PDF needs to take place. It seems that Adobe, and the ISO committee responsible for the next PDF specification update, are trying to make PDFs bend in a way that they were never originally designed to bend, and that without careful consideration, the Portable Document Format could lose its way.

Post from: 4x PDF Blog

Are PDF Portfolio’s A Bad Idea?

No related posts.

This venture makes Barnes and Noble the most portable and compatible eBookStore and offers the customers of Nook, the new Barnes and Noble eBook reader and other compatible devices, as well as eReader for iPhones, PCs and Blackberry. Also the customers with devices that use the Adobe Reader Mobile software development kit (SDK) will now be able to read and purchase content from BN.com, the world’s largest eBookstore.

William J. Lynch, president of Barnes & Noble.com said “By standardizing on EPUB and collaborating with Adobe on a content protection standard based on Adobe technology, Barnes & Noble is delivering the richest range of content available, across a broader array of devices than anybody else.” He continued “Consumers can feel confident that when they buy their digital content from BN.com, they can read it on more devices than any other bookstore. This collaboration with Adobe further delivers on our commitment to provide the digital content our customers want, anytime, anywhere and on whatever device they choose.”

This deal will make the most of world’s most favorite file format, PDF. Barnes and Noble will make all their content available to customers in PDF, which is one of the most compatible and secure file formats. Moreover, Adobe is integrating Barnes & Noble’s eReader social content protection technology into Adobe Reader Mobile SDK, Adobe Content Server and, eventually, into Adobe Digital Editions.

Post from: 4x PDF Blog

Open EPUB eBook Format, Adobe Content Server and PDF adopted by Barnes and Noble.

No related posts.

A limited number of users also received a beta-updater which Adobe says is going to assist in ensuring that security updates were efficient and accessible.

Adobe also launched the Reader/Acrobat JavaScript Blacklist Framework which allows users to prevent certain JavaScript function calls — this will allow IT decision makers to make these high-level decisions.

Gone are the days where a PDF was as safe as a printed page…

Post from: 4x PDF Blog

A mammoth patch for Reader (and family)

No related posts.

But for now you can keep the pirates at bay by:

… users should use the “general preferences” dialog menu option to disable JavaScript – Edit > Preferences > JavaScript, and uncheck “Enable Acrobat JavaScript”.

ComputerWeekly.com report that according to Adobe — those running Data Execution Prevention (DEP) on Vista have nothing to fear…

Post from: 4x PDF Blog

Lockdown! Adobe says to disable JavaScript in Adobe Reader (yet again)

No related posts.