Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • October 28, 2016, 07:23:50 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: PDF the Most Common Malware Vector  (Read 1056 times)


  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
PDF the Most Common Malware Vector
« on: March 22, 2010, 10:35:41 PM »
From Herb Sutter (who got it from Schneier who got it from F-Secure  ;D )

It's almost non-news, because it’s been obvious for years that this was coming. Malware writers target the common programs and formats. Several years ago, I talked to senior developers from a major software company on multiple occasions about memory safety and secure coding, and at the time they weren’t interested because exploits didn’t affect them (yet). As an example, I pointed out: “Look, do you think software like Acrobat Reader needs to care about secure coding? – But of course it does. Isn’t it obvious that it’ll be targeted sooner rather than later?” Moral: If you write popular software, the need for secure coding affects you and your product; if it doesn’t today, it will tomorrow. (Obligatory note: This isn’t just about C and C++. Every mainstream language lets you write exploitable security flaws.)

targeted_attacks_filetypes_2008.jpgPDF the Most Common Malware Vector

targeted_attacks_filetypes_2009_ytd.jpgPDF the Most Common Malware Vector

« Last Edit: March 22, 2010, 10:38:16 PM by Eóin »