Adobe Issues PDF Reader Security Report

With the surge in hacking attacks targeting PDF, Adobe has released a new paper discussing the problems and solutions to PDF security.

The company, which founded the portable document format, identifies the leading cause of PDFs susceptibility to these attacks as other vendors PDF readers.

While it may appear as finger-pointing, Adobe recommends other vendors consider stronger security measures in their readers, which would benefit both the industry and certainly users.

The company suggests “a series of defense mechanisms that should be present in any PDF application. These include an application sandbox, data execution protection including non-executable memory and safe structured exception handling, address space layout randomization, and stack cookies.”

Adobe recommends that users also consider their vendor’s security stance, including testing, patching policy, post release support and response to bug discovery.

Country of Origin: United States

Source: infosecurity

About PDF Competence Center

The PDF Competence Center is a resource for ISO 32000 developers world-wide.