[Infowarrior] - Adobe Reader is world's most-exploited app

[Richard Forno]

t's official: Adobe Reader is world's most-exploited app

The new Microsoft
By Dan Goodin in San Francisco • Get more from this author

Posted in Malware, 9th March 2010 20:33 GMT

http://www.theregister.co.uk/2010/03/09/adobe_reader_attacks/

Adobe's ubiquitous Reader application has replaced Microsoft Word as  
the program that's most often targeted in malware campaigns, according  
to figures compiled by F-Secure.

Files based on Reader were exploited in almost 49 percent of the  
targeted attacks of 2009, compared with about 39 percent that took aim  
at Microsoft Word. By comparison, in 2008, Acrobat was targeted in  
almost 29 percent of attacks and Word was exploited by almost 35  
percent.

"Why has it changed?" F-Secure asks here. "Primarily because there has  
been more vulnerabilities in Adobe Acrobat/Reader than in the  
Microsoft Office applications."

Underscoring the surge of Reader attacks, online thugs recently  
unleashed a new malware campaign that exploits vulnerabilities patched  
three weeks ago in the widely used program. The attacks target  
financial institutions with a PDF file with a name that refers to the  
so-called Group of 20 most influential economic powers. F-Secure and  
Microsoft have additional details here and here.

When victims click on the file with unpatched versions of Reader, the  
file installs a backdoor that causes their system to connect to a  
server at tiantian.ninth.biz.

Other applications included in Microsoft Office also experiences sharp  
declines in exploitation. PowerPoint attacks dropped from almost 17  
percent in 2008 to less than 5 percent last year. Excel fell from  
about 17 percent to less than 8 percent. ®