madison

Zero Day

Ryan Naraine and Dancho Danchev
Home / News & Blogs / Zero Day

Adobe Reader and targeted malware attacks

By | March 10, 2010, 8:48am PST

Summary: If you’re still tardy in applying security patches for the ever-present Adobe Reader software, this chart from F-Secure should jolt you into action.

If you’re still tardy in applying security patches for the ever-present Adobe Reader software, the chart below from F-Secure should jolt you into action.

The chart provides hard data on the most commonly exploited software exploited by hackers in targeted attacks, the class of malware destined for one specific organization or industry.

It’s instructive that Adobe Reader has slowly bypassed Microsoft Word, Microsoft Excel and Microsoft PowerPoint over the last three years, even though those software products are just as ubiquitous in the business world.

From F-Secure: follow Ryan Naraine on twitter

There were 1968 files in 2008. The number was 2195 during the year 2009. That isn’t a very large increase in the overall total from 2008 to 2009 but we did see a greater percentage targeting Adobe.

And how about the first two months of 2010?

Well, so far the number is 895, which will more than double last year’s number if the current pace continues.

Well, what are you waiting for?  Get patching.

ALSO READ:

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Adobe Systems Inc., Adobe Acrobat Reader, Malware, Microsoft Corp., Attack, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a security evangelist. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Talkback Most Recent of 43 Talkback(s)

  • Adobe Software
    What I don't understand is why people insist on continuing to use any software from a company with such a rich history of producing software with these problems. The chart pretty much says it all. I removed every trace of Adobe software from our systems about a year ago and haven't looked back. And people question why Apple doesn't allow Flash on their portable products?
    ZDNet Gravatar
    jdbroughton@...
    10th Mar 2010
  • For the same reason that some people still insist on using Windows.
    They're used to it.
    Their peers use it.
    Most developers make their stuff for it, since most people have it.
    ZDNet Gravatar
    AzuMao
    10th Mar 2010
  • why continue using?
    For the same reason that people drink Folgers coffee and Lipton tea. They are widely available, familiar and the alternatives, though better, are not as well known or easy to get. Of course, those beverages are not likely to be deadly due to their deficiencies.
    ZDNet Gravatar
    hizaleus
    10th Mar 2010
  • Halo effect
    What I don't understand is why people insist on continuing to use any software from a company with such a rich history of producing software with these problems.

    Speaking of rich history, they also developed the code that powers (or powered) PostScript, Type Manager, Illustrator, Premiere, and Acrobat, amongst others. Oh and lest we forget, a crazy gold plated graphics prog with a halo effect that exceeds damn near all others in reach called Photoshop (having wound its way to Adobe from the Knoll brothers). If PS isn't an "industry standard," I know of no another.

    And thus your answer.

    Adobe Flash and Reader remain the ugly ducklings in the pack. Free for the taking as it were, so who's to complain (except us)? wink
    ZDNet Gravatar
    klumper
    10th Mar 2010
  • The same people who orphan their own products
    They orphaned Pagemaker and will likly orphan Photo Shop. They tend to have very little concern for their customers - especially since they figure everyone NEEDS their products. I guess they will learn.
    ZDNet Gravatar
    bob@...
    10th Mar 2010
  • Pagemaker
    Thank goodness they orphaned Pagemaker. It SUCKED.
    ZDNet Gravatar
    swcook6
    11th Mar 2010
  • Options
    Well, for reading .PDF files, there just aren't that many alternatives out there. Nobody is going to be able to charge for a "better" .PDF reader, because Acrobat reader is free. These files are just a fact of life in the Internet age, you need to be able to read them for about everything from the documentation that comes with your new computer to the owner's manual for a car stereo that you boiught 5 years ago, and now you can't remember how to adjust the clock for Daylight Savings time.

    In a business environment, you'll get .PDF files for purchase orders, invoices, and various forms.

    It'd be great to just run Linux and pick up all of those things without Acrobat reader, but the software just isn't up to running Linux on many business desktops.

    As an IT administrator, it basically comes down to me having to be on alert for these things, and making sure that security patches are applied as they become available.
    ZDNet Gravatar
    SupraGuy
    10th Mar 2010
  • Foxit PDF reader (nt)
    nt
    ZDNet Gravatar
    Murfski
    11th Mar 2010
  • No choice for free readers?
    Not that Wikipedia is "all-knowing" and always
    accurate, but I can vouch for most of the stuff
    on this page.

    http://en.wikipedia.org/wiki/List_of_PDF_softwa
    re

    As you can see, there are plenty of
    alternatives for viewing, creating and
    converting pdf files, a lot of them free, for
    all platforms.

    Hope this helps.
    ZDNet Gravatar
    martian@...
    17th Mar 2010
  • RE: Adobe Reader and targeted malware attacks
    Wow, thank you SO much!! chanel bags
    ZDNet Gravatar
    lovedong
    12th Sep
  • RE: Adobe Reader and targeted malware attacks
    Folks,

    Get Patching? Now, if that doesn't sit well with you, maybe you have had enough of the 'the malware problem is yours' being put on you each day.

    Come over to Ubuntu Linux 9.10, which runs AppArmor by default and profiles Evince (Document Viewer, pdfs) and Firefox 3.6, just to name a few Apps which are safely protected in a security model called: Mandatory Access Control (aka sandbox).

    There won't be any need to rescue your PC on a daily basis as Linux has a very low incidence of infection, by virtue of how the operating system is written, designed from the beginning with true multi-user security in mind.

    So, step off of the MS Malware insanity treadmill and give Ubuntu Linux 9.10 your serious consideration.

    You won't regret it.

    Dietrich T. Schmitz
    GNU/Linux Advocate
    ZDNet Gravatar
    DTS Linux Advocate
    10th Mar 2010
  • Fail
    .
    ZDNet Gravatar
    Qbt
    10th Mar 2010
  • Why?
    .
    ZDNet Gravatar
    Great Kahuna
    10th Mar 2010
  • C'mon, you're being too hard on yourself
    there must be something you're good at, I hope. You only have to search for it harder.
    ZDNet Gravatar
    Great Kahuna
    10th Mar 2010
  • ^^ The above is spam
    And has been marked as such.
    ZDNet Gravatar
    Loverock Davidson
    10th Mar 2010
View More Comments

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
Click Here