What is the current risk of a PDF file carrying a virus?

As far as I know, PDF files have historically never been virus vectors,
since their ability to carry any type of useful executable code (beyond
the rendering code) has been very limited.  But with feature-bloat
gradually making the product more and more complicated, is the format
still safe today?

I'm using Acrobat 4.x, which I've never seen a reason to upgrade.  Is it
a safe version of Acrobat?  What about later versions (as readers or as
generators)?  What are the risks?

-- 
Transpose hotmail and mxsmanic in my e-mail address to reach me directly.

Mxsmanic wrote:

> What is the current risk of a PDF file carrying a virus?
> 
> As far as I know, PDF files have historically never been virus vectors,
> since their ability to carry any type of useful executable code (beyond
> the rendering code) has been very limited.  But with feature-bloat
> gradually making the product more and more complicated, is the format
> still safe today?
> 
> I'm using Acrobat 4.x, which I've never seen a reason to upgrade.  Is it
> a safe version of Acrobat?  What about later versions (as readers or as
> generators)?  What are the risks?
> 

Not that we know of. However some virus detectors think that a file type 
that they don't know about may contain viruses, but since they cannot 
verify tha absence of viruses, they spuriously claim that thay may be 
infected.

Lots of people that have been duped by M$ think that documents should only 
be Word, and not originated by other means. So they think that PDFs can't 
be used and they contain viruses. Of course untrue, but there's no telling 
some people.

Eric.

"Mxsmanic" <mxsmanic@hotmail.com> wrote in message
news:3tietvgu714iaa84s7vfmbtc41gm0glg83@4ax.com...
> What is the current risk of a PDF file carrying a virus?

Remarkably high, but I know of no exploits yet.

This was discussed at the Sybold SFO conference two years ago.  This
is where Jim King (CTO at Adobe) called PDF "an unruly teenager".
The expolits discussed there were based on the talk given by Dr. David
Story -- where the "one page" PDF file redrew itself repeatedly during
the talk.

Two major avenues of attack are pretty clear, each one based on boundary
condition interactions with other supported execution environments.

Since that time one other major avenue of attack has occured to me.
I can write a PDF file that will delete files from your disk.    Using other
know exploits, I can write a PDF file that should be able to destroy
certain printers.

> As far as I know, PDF files have historically never been virus vectors,
> since their ability to carry any type of useful executable code (beyond
> the rendering code) has been very limited.  But with feature-bloat
> gradually making the product more and more complicated, is the format
> still safe today?
>
> I'm using Acrobat 4.x, which I've never seen a reason to upgrade.  Is it
> a safe version of Acrobat?  What about later versions (as readers or as
> generators)?  What are the risks?
>
> -- 
> Transpose hotmail and mxsmanic in my e-mail address to reach me directly.

frank writes:

> Since that time one other major avenue of attack has occured to me.
> I can write a PDF file that will delete files from your disk.    Using other
> know exploits, I can write a PDF file that should be able to destroy
> certain printers.

So it would be imprudent for me to open a large PDF file received from a
stranger?  It supposedly contains a promotional brochure.

-- 
Transpose hotmail and mxsmanic in my e-mail address to reach me directly.