"Adobe Reader is the new Internet Explorer," Hypponen said at Tuesday's RSA security conference in San Francisco. He referred to the time when Internet Explorer 6's less-than-steller security reputation led many security gurus to suggest using an alternate browser.
Malware-pushing bad guys increasingly target Adobe Reader flaws, Hypponen says. In 2008, from Jan. 1 through April 16, F-Secure saw PDFs used in 128 dangerous .
This year, during the same time frame, the company has seen 2,305 drive-by's using PDFs. Such attacks go after a vulnerable Reader browser plugin, Hypponen says.
Poisoned PDFs are also often used as part of a customized, , he says, when they're sent to a specifically selected recipient attached to a well-crafted e-mail.
Hypponen didn't recommend any particular alternative program, but suggested heading to pdfreaders.org for a list of free apps. He did point out that at the time of IE 6's security infamy, many switched over to using Firefox. And as that browser gained significant market share, it also drew the hacker's eye.