10/15/2008
PDF hacking: Use 3 ways to download malware
Websense has posted a good analysis of the methods malware distributors are using to trick surfers into opening PDF files that download malware in the background.
The discussion looks like the one that we had some time ago about links in music files. Panda Antivirus said at that time that the function was being used to open and download other sites and files, while it was originally integrated to show a site where you could see, read or interact about the music. Microsoft made the necessary changes, while Apple continued to call it a function.
PDF has undergone the same metamorphosis. From a simple, safe, stupid file format that you used to distribute files that anyone could read and print, it has now been developed into a workflow, code-rich, interactive instrument. This is all right in internal protected networks, but whether all these functions make any sense on the internet is still to be seen. I must say that I would like to have my old PDF files (or a new "Save PDF internet files") back.
Websense says that the following three functions could be used to attack users.
mailto
launch
OpenAction
Maybe users should have the possibility to deactivate any of these functions when opening an Acrobat Reader (maybe a small secured one for internet surfing?) on the internet or in an untrusted environment.
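As an added example (not from Websense or from this post), here is a small triage script that counts the three features listed above in a PDF's raw bytes before the file is opened. The function names and the sample document are constructed for illustration; it also decodes the `#xx` hex escapes that PDF names allow, which a plain string search would miss.

```python
import re

# Feature names from the list above. Matching is case-insensitive as a triage
# convenience; real PDF names are case-sensitive, so hits are leads, not verdicts.
WATCHED_NAMES = ("openaction", "launch")

def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes permitted inside PDF names, e.g. /Op#65nAction."""
    unescaped = re.sub(rb"#([0-9A-Fa-f]{2})",
                       lambda m: bytes([int(m.group(1), 16)]), raw)
    return unescaped.decode("latin-1")

def scan_pdf(data: bytes) -> dict:
    """Count OpenAction and Launch names and mailto: URIs in raw PDF bytes."""
    counts = {"openaction": 0, "launch": 0, "mailto": 0}
    # A PDF name is '/' followed by characters up to whitespace or a delimiter.
    for match in re.finditer(rb"/([^\s/<>\[\]()%{}]+)", data):
        name = decode_name(match.group(1)).lower()
        if name in WATCHED_NAMES:
            counts[name] += 1
    counts["mailto"] = len(re.findall(rb"mailto:", data, re.IGNORECASE))
    return counts

def is_suspicious(data: bytes) -> bool:
    """True if any of the three features is present at all."""
    return any(scan_pdf(data).values())

# Constructed sample input: a PDF-like fragment, not a real document.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj << /Type /Catalog /Op#65nAction 2 0 R >> endobj\n"
          b"2 0 obj << /S /Launch /F (constructed-placeholder) >> endobj\n"
          b"3 0 obj << /S /URI /URI (mailto:user@example.invalid) >> endobj\n"
          b"%%EOF\n")

# Constructed sample input: a fragment that uses none of the three features.
CLEAN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"

if __name__ == "__main__":
    for label, blob in (("sample", SAMPLE), ("clean", CLEAN)):
        print(label, scan_pdf(blob), "suspicious:", is_suspicious(blob))
```

The script reads only uncompressed bytes, so anything stored inside compressed streams is not seen; a zero count is not proof that a file is safe.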