1(630)802-8605 Ravi.das@bn-inc.net

In my blog posts, it seems that I have picked on Facebook a number of times, and rightfully so. As mentioned, we as subscribers have a certain level of faith or trust that our private information and data will be used in a manner that is acceptable and, most importantly, legal. Well, ever since all of these debacles and the bad press Facebook has received, I know a bunch of people who were my former Facebook friends who have simply closed their accounts and use something else.

Anyways, today it is time to sort of pick on another vendor. You really don’t hear too much about them in the press; this company is known as Adobe Corporation. Yes, they are a major software vendor based out of CA, and have been in business for a very long time. They are the ones who have a reasonably famous tech writing communications suite, as well as their so-called “Creative Cloud”.

The latter is a mishmash of all of their creative software packages mixed into one huge bundle. Some of them include Photoshop (used for editing pictures), InDesign and InCopy (other kinds of tech writing tools), etc. But they are also famous for one more product line: their PDF reader. We have all used it one way or another, without giving it much of a second thought.

But for those who may not be fully familiar with it, here is a technical definition:

“Developed by Adobe Systems, a file with the .PDF file extension is a Portable Document Format file . . . . PDF files can contain not only images and text, but also interactive buttons, hyperlinks, embedded fonts, video, and more . . . you’ll often see product manuals, eBooks, flyers, job applications, scanned documents, brochures, and all sorts of other documents available in the PDF format . . . because PDFs don’t rely on the software that created them, nor on any particular operating system or hardware, they look the same no matter what device they’re opened on.”

(SOURCE:  https://www.lifewire.com/pdf-file-2622916).

Based on the above definition, a PDF file is nothing but an electronic representation of another document, perhaps Word. Many businesses and corporations use PDFs, especially when it comes to sending legal contracts. This way, there are some guarantees that the receiver of the PDF cannot alter any of the contents of the document (as opposed to sending it in a .DOC format, where the contents can be altered).

Unfortunately though, as good and reliable as the PDF has been, it too has become the victim of Cyber attacks. The latest vulnerability allows malicious code to be injected into a PDF file, and when the file is opened, the code can launch and spread itself on just about any device, and yes, even your Smartphone. This is what makes it that much more dangerous. In technical terms, here is a much more detailed description of the attack:

“It allows an attacker to execute arbitrary code with the highest possible privileges on the vulnerable target, and with only the most minimal of user interaction . . . when opened, the PDF sample first embeds JavaScript code .  .  . the exploit enables attackers to read and write in memory, allowing them to execute shellcode that executes a malicious PE file.”

(SOURCE:  https://www.scmagazine.com/pdf-exploit-built-to-combine-zero-day-windows-and-adobe-reader-bugs/article/766100/)

Although I am a fervent user of PDF files, I really do not know all of the technical details behind how the PDF actually works. But from what I can best understand, it sounds like this vulnerability is very similar to that of the Windows file attacks (primarily the .XLS and the .DOC). This is where the individual is spoofed into downloading one of these attachments, and when it is opened, a Trojan Horse is then launched in a very covert fashion.

But what I believe makes the PDF vulnerability different from the Windows vulnerabilities is that with the former, the Cyber attacker can actually gain direct access to your system. With the latter, I don’t think that the Cyber attacker can gain actual access; instead, the Trojan Horse sends the private information and data (such as usernames and passwords) back to the Cyber attacker.

This vulnerability in the PDF also takes advantage of some sort of memory corruption from within the PDF software itself. Even more shocking is that there were some 47 other vulnerabilities found with the PDF software . . . but Adobe caught all of these in time, and released the needed software patches and upgrades to fix them. Apparently, the flaw in the memory of the PDF software also allows the Cyber attacker to have read and write privileges on your device . . . obviously, this is something that you do not ever want to have happen to you.

But finally, the good news is that the threat I just discussed in this blog has not really been taken advantage of, at least not yet. A security researcher by the name of Anton Cherepanov discovered this flaw in the PDF software, and of course, much more technical detail on it can be seen at his blog post:

https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/

Since I am not technically versed in PDF or Adobe products per se, my best advice to everybody is to just be on the lookout for suspicious attachments, especially if you receive an Email from somebody you do not know or are not expecting. If anything looks out of the ordinary, remember, your best line of defense is to use that old-fashioned Delete key!!!
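
For readers who handle attachments on behalf of others, the quoted description of a PDF that embeds JavaScript and runs it on opening can be turned into a simple triage check. The following is an added example (not code from this post or from the researchers cited) that counts the PDF name keywords associated with active content; the keyword list follows the general approach of PDF triage tools, and the sample bytes, function names and verdict labels are constructed for illustration.

```python
import re

# Name keywords that signal active content in a PDF. A hit means
# "look closer", not "malicious". (Keyword list is an assumption.)
SUSPICIOUS = {"JS", "JavaScript", "OpenAction", "AA", "Launch", "EmbeddedFile"}

NAME_RE = re.compile(rb"/([A-Za-z0-9#]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")

# Constructed sample: a harmless fragment shaped like a PDF catalog whose
# open action is a JavaScript action, with one name hex-escaped.
SAMPLE = (
    b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /S /J#61vaScript /JS (app.alert\\('hi'\\);) >>\nendobj\n"
)


def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes, so /J#61vaScript is read as /JavaScript."""
    decoded = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count suspicious name objects in raw PDF bytes."""
    if b"%PDF-" not in data[:1024]:
        raise ValueError("not a PDF (no %PDF- header in the first 1024 bytes)")
    counts = {}
    for match in NAME_RE.finditer(data):
        name = decode_name(match.group(1))
        if name in SUSPICIOUS:
            counts[name] = counts.get(name, 0) + 1
    return counts


def verdict(counts: dict) -> str:
    """Script plus an automatic trigger is the combination to quarantine."""
    has_script = "JS" in counts or "JavaScript" in counts
    auto_run = "OpenAction" in counts or "AA" in counts
    if has_script and auto_run:
        return "quarantine"
    return "review" if counts else "no active content found"


if __name__ == "__main__":
    found = triage_pdf(SAMPLE)
    print(found, verdict(found))
```

A hit only means the file deserves a closer look in a sandbox, and names stored inside compressed object streams are not visible to this byte-level scan.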