Malicious PDF files and related exploits are invading the Net. Looking at the CVE records in the National Vulnerability Database for Adobe products, we see a dramatic increase in 2009.
Since January 1, Adobe vulnerabilities have continued to appear. During this period, five are classified as medium, while about 30 are judged high-level threats.
Now we find the Zeus botnet is also taking advantage of a PDF flaw: This vulnerability, along with about 15 others, are now covered by the recent patch (ABSB10-09).
In 2007 and at the beginning of 2008 most of the exploit samples in our malware collections were linked to HTML/iframe, WMF, or DCOM vulnerabilities.
Today malware involving malformed PDF file are legion. From less then 2 percent of malware directly connected to exploits in 2007 and 2008, they have reached 17 percent in 2009 and 28 percent during the first quarter of 2010. For Adobe Reader software, 2010 seems to be the year of living dangerously.