Don't know where to post thought may be this is the right section..........

Hackers use PDFs to take over PCs

Mikko-hypponenx-large Want to be more secure online? Stop using Adobe Acrobat reader to open PDF documents in your browser. That's what F-Secure virus hunter Mikko Hypponen, the closest thing to a rock star holding court at the RSA security conference, is advocating.

Ditching Adobe Acrobat Reader will greatly reduce your chances of getting your PC infected by a drive-by download, says the pony-tailed Hypponen, who was recently profiled in Vanity Fair.

"That's my advice," says Hypponen, "I don't expect a Christmas card from Adobe."

The bad guys are increasingly using security flaws in Adobe Acrobat Reader browser plugins to open a backdoor to your hard drive. These instructions get implanted when you visit a tainted website. The next time you use Adobe Reader, a very tiny poisoned PDF from the bad guys also opens and installs the backdoor that may allow them to take over your computer.

Last year, from Jan. 1 through April 16, F-Secure saw this technique used in 128 different attacks. This year, during the same time frame, the company has seen it used in 2,305 attacks.

By ditching Adobe reader, you may improve your odds of avoiding the fate of 1.9 million PC users, whose machines were assembled into a massive botnet using drive-by downloads, as just disclosed by security firm Finjan.

Update: There are several open source PDF readers consumers can use instead. Although Hypponen declined to recommend any particular one, he said alternatives can be found at

By Byron Acohido
Photo: Hypponen speaks about Adobe during the RSA conference. (Byron Acohido)