E-Mail IMAGE: IT experts at RUB have found several security issues with digital signatures for PDF documents over the past years. view more Credit: RUB, Kramer A security issue in the certification signatures of PDF documents has been discovered by researchers at Ruhr-Universität Bochum. This special form of signed PDF files can be used, for instance, to conclude contracts. Unlike a normal PDF signature, the certification signature permits certain changes to be made in the document after it has actually been signed. This is necessary to allow the second contractual party to also sign the document. The team from the Horst Görtz Institute for IT Security in Bochum showed that the second contractual party can also change the contract text unnoticed when they add their digital signature, without this invalidating the certification. The researchers additionally discovered a weakness in Adobe products that enables attackers to implant malicious code into the documents.