PDF

Just a few days after adding a new set of features to Dropbox for Teams, the cloud storage company rolled out a new version of its iOS application which introduces a few useful additions as well. For starters, it has added an improved PDF viewer, which lets you navigate to any page in the document by tapping on the thumbnail. It’s rather awesome, in fact. The update also introduces push notifications for folders shared with you – a feature that’s now available on Android, too....

SophosLabs: A fascinating new example of Mac malware has been discovered, that appears to be adopting an old Windows-style disguise to fool users into running it. Despite the numerous times that cybercriminals have created boobytrapped PDF files that exploit vulnerabilities to infect unsuspecting users, many people still think that PDF files are somehow magically safer to open than conventional programs. The OSX/Revir-B Trojan plays on this by posing as a PDF file....

Acrobat Blog: We are excited to announce that Adobe CreatePDF application is now available on iOS. With this, Adobe brings rich, high-fidelity and Acrobat-like PDF creation to the iOS devices. You can now convert all your documents on iPad, iPhone & iPod touch devices to PDF for reliable, secure sharing and viewing across PCs, tablets & Smartphones. The application uses Adobe’s online PDF Creation service for conversion of files to PDF thereby ensuring no compromise on quality and performance....

Avira TechBlog: Adobe released a security advisory in which it warns from a zero-day vulnerability within current version of Adobe Flash Player, Reader and Acrobat. Affected are Flash Player 10.2.153.1 and earlier versions for Windows, Mac, Linux and Solaris, the current version integrated in the Chrome web browser, and 10.2.156.12 and earlier versions for Android. The authplay.dll component of current and older version of Adobe Acrobat and Reader are also affected; according to Adobe, the sandbox of Acrobat Reader X prevents from execution of malicious payloads though....

The latest release of Google Chrome includes the Chrome PDF Viewer which won’t properly display some PDF files like Dynamic Forms and PDF Portfolios. While Google Chrome is not a supported browser, the Adobe PDF Plug-In For Firefox and Netscape 10.0.0 does actually work with Chrome on Windows. If you want to display your PDF files in Chrome using the Adobe Reader, you can easily disable the native viewer. Just type “about:plugins” in address bar and then disable the Chrome PDF Viewer....

For Google Chrome users, viewing PDFs in the browser has been a colossal pain for lo these many moons. That’s why we are (and you should be) thrilled to learn that Google is rolling out a better way to look at PDFs in Chrome. For the time being, Chrome’s built-in PDF viewer will be available through the beta version only. If you’re using the non-beta version of Chrome, you can download the beta to get the PDF-related improvements or enable the PDF viewer by typing about:plugins in address-bar and enable PDF viewer....

Windows is an attractive platform for the malware writers, in part, because of the sheer number of users. As Microsoft creep towards making their offerings more secure, applications are increasingly becoming the focus for vulnerability exploitation. Like Windows, Adobe products are a default software choice for most users. The bad guys know this and realize that its profitable to scrutinize their applications for exploitable vulnerabilities and create malware to take advantage of the fact....

A malicious PDF file has turned up which exploits a new security vulnerability in Adobe Reader and Acrobat – even in the most current version 9.3.4 and 8.2.4, on all supported platforms. There is currently no update available from Adobe which fixes the vulnerability. The company is aware of the problem though. The weakness is a buffer overflow within the CoolType.dll of the Adobe Reader and Acrobat installation. While parsing a PDF document with specially prepared SING (Smart INdependent Glyphlets) fonts it is possible to abuse the vulnerability to execute malware....

Dear Microsoft, We’d like you to consider developing a PDF reader for your Windows OS. Something such as Apple’s Preview would be great: “To view a PDF file, just double-click it to open it in Preview.” Mac doesn’t require a third-party application to view PDFs, so why does Windows? Heck, you don’t even need to build it into the OS. Just make it an optional download such as your Save As PDF add-in for Office....

A blog contributor who goes by the name of “jeremy” has continued to research the possibilities inherent in the recently discovered .pdf-file weakness that could enable the execution of code. Jeremy posted earlier this week that he had created a proof of concept .pdf file that could spread to other .pdf files on a system or network (which makes it a worm). “Within the proof of concept I infected a single benign PDF file from another PDF file, but this proof of concept could easily be modified to recursively traverse a users computer directories to find and infect all PDF files on that users computer and/or accessible to that user at the time of execution with any payload of my choosing....