As Julia Wolf, a researcher with security company FireEye, pointed out at the 27th Chaos Communication Congress in Berlin - the current PDF standard is riddled with functions that can be misused in various ways.
According to her, a PDF file can have a database scanner embedded in it which is rigged to start scanning as soon as the file is printed on a network printer. It can also be made to display completely different content depending on the OS, browser, PDF reader software or language settings used on the computer.
According to The H Security she also mentioned that, interestingly enough, Adobe calls the the PDF format a "container format". And, indeed, it can contain many things - from audio and video to Flash files, which can, in their turn, be exploited by the attackers.
But, one of the biggest problems regarding the exploitation of this feature is that most anti-malware solutions fail to detect this embedded malicious software, and the detection rate is poorer still if the malicious code is compressed.
All in all, the sandboxing feature will be a welcome addition to the new version of Adobe Reader. Whether it will solve the problems she described, it remains to be seen.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.