I’d love to hear more about why PDFs might be riskier than, say, azw or epub. Is it something inherent in the pdf format, or are pdfs so comparatively common they’re a more attractive vector of attack?
Arbitrary files can be embedded inside a PDF (by design), such as malicious code files. Many PDF readers have security issues allowing for PDFs to automatically allow for code execution of those embedded files, or prompt the user for a click to execute the files.
Just search for something like “executable code inside PDF” and browse through the many results of examples, issues, and tutorials to see.
I’d love to hear more about why PDFs might be riskier than, say, azw or epub. Is it something inherent in the pdf format, or are pdfs so comparatively common they’re a more attractive vector of attack?
Arbitrary files can be embedded inside a PDF (by design), such as malicious code files. Many PDF readers have security issues allowing for PDFs to automatically allow for code execution of those embedded files, or prompt the user for a click to execute the files.
Just search for something like “executable code inside PDF” and browse through the many results of examples, issues, and tutorials to see.