Firefox getting built-in HTML5-based PDF viewer to improve security

The new PDF viewer will be more secure than third-party plug-ins, Mozilla says

By Lucian Constantin, IDG News Service |  Software

Such an implementation might provide more security to the end user because its user base will be smaller compared to that of Adobe Reader and cybercriminals will continue to focus on exploiting the most popular pieces of software, Stefan Tanase, a senior security researcher at antivirus vendor Kaspersky Lab, said via email. "While I am excited to see Firefox giving extra thought to the security of its users, what worries me is that even the technologies on which PDF.js is based can be vulnerable."

Tanase pointed out that vulnerabilities in the browser's JavaScript rendering engine are not uncommon. As an example, he pointed to CVE-2013-0750, a remote code execution vulnerability fixed in Firefox 18 a few days ago. The vulnerability stems from a bug in the way the browser calculates the length for a JavaScript string concatenation.

This vulnerability is not the exception, but rather the rule, Tanase said. "Similar ones are discovered every year, in mostly every product version and they can all be used by attackers to run code and install software, requiring no user interaction beyond normal browsing."

This PDF viewer component could be more secure than third-party plug-ins if it is written entirely in JavaScript/HTML5, Thomas Kristensen, the chief security officer at vulnerability intelligence vendor Secunia, said via email.

However, this doesn't mean that it's not prone to vulnerabilities, he said. "If new functionality has been added to the browser or the PDF reader otherwise becomes privileged in the browser, then it may be vulnerable and become a new vector to exploit these vulnerabilities in the browser."

"From a technical standpoint I find it very interesting that they are creating a PDF viewer that utilizes the existing capabilities of the browser," Carsten Eiram, the chief research officer at security consultancy firm Risk Based Security, said via email. "Since browsers are now so advanced with HTML5 and JavaScript support that they can actually parse PDF files, it could make having a separate PDF viewer pointless for most users, who just need basic PDF viewing capabilities."

In general, the less code there is on a system, the less exposed it is to potential attacks, Eiram said. Using this built-in PDF viewer component instead of installing a separate a PDF reader application that often includes features many users don't really need and which can be vulnerable, reduces the system's overall attack surface, he said.

Tanase also agrees with this theory. "There's a clear benefit for using the same rendering engine for both Web pages and PDFs which needs to be pointed out: the code base is smaller, therefore the attack surface and potential risk is lowered," he said.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness