PDF Wars: The Rise of the Evil Document
VeriSign's Managed Security Services group provides all kinds of services to assist organizations in the heavy lifting associated with some security tasks. Those tasks that are easy if you have one, but not easy if you have a thousand.
In a recent internal email string, one of our engineers told us they are seeing a dramatic increase in the amount of PDFs that have malicious JavaScript embedded in them. These exploits use the OpenAction function (like the HTML document.onload() function) as a vehicle to obtain full machine compromise with a root kit. I'm not sure why we feel the need to embed scripting into a PDF (isn't that what the web and offline browsing is for?), but it appears that once again functionality has usurped security.
I guess the next step is to make text files more functional so we can exploit those.
