Of the many apps available on iPad release day--and the continuing flood of new additions coming in as developers get their apps primed for the new device--a few key apps came straight from Apple. As reported when the iPad was initially announced, Apple has created iPad versions of its popular iWork productivity suite, including Pages, Numbers, and Keynote apps--each of which is available for $9.99 at the iTunes App Store.

We've had a chance to get a close look at each of the iWork apps and have found them to be extremely useful on the new platform. Obviously, the touch-screen keypad won't be as efficient as a keyboard for serious writing, and the lack of print features require some extra steps, but for most other purposes the iWork apps will be useful to anyone trying to get some work done on their brand-new iPad.

Pages for iPad seemed like the biggest stretch for a touch-screen device like the iPad, but with Apple's keyboard dock stand or a Bluetooth keyboard, it works quite well. Even with the touch-screen keyboard, we were able to type at a fairly fast speed. Find out more about Pages in our review.

Numbers for iPad is Apple's spreadsheet program, and we were pleasantly surprised with how easy it was to interact with the app. Creating spreadsheets and graphs is incredibly easy on the touch-screen interface, and Apple has streamlined the job of using your spreadsheet data through smart interactive tools that tie your information together. Find out more about Numbers in our review.

Keynote for iPad lets you make professional-quality presentations using an intuitive interface that just about anyone can master. Everything from slide-to-slide transitions, imported images and movies, to cool-looking animations are all possible with only a few swipes of your finger. Find out more about Keynote in our review.

Portable Document Format (PDF) files could be used to spread malware to clean PDF files stored on a target computer running Adobe Acrobat Reader or Foxit Reader PDF software, a security researcher warned on Monday.

Jeremy Conway, product manager at NitroSecurity, created a proof of concept for an attack in which malicious code is injected into a file on a computer as part of an incremental update, but which could be used to inject malicious code into any or all PDF files on a computer.

The attack requires the user of the computer to allow the code to be executed by agreeing to it via a dialog box. However, the attacker could at least partially control the content of the dialog box that appears to prompt the user to launch the executable and thus use social engineering to entice the computer user to agree to execute the malware, said Conway.

Turning off JavaScript would not prevent the attack. It also does not require that the attacker exploit a vulnerability in the PDF reader itself.

The PDF reader incremental update capability "can be used as an infection vector," said Conway. The attack "does not exploit a vulnerability. No crazy Zero-Day (exploit) is needed to make this work."

Conway's proof of concept attack--detailed here with more information here--takes advantage of the same weakness in PDF readers that security researcher Didier Stevens of Belgium discovered a week ago and explained on his blog.

Stevens was able to launch a command and run an executable within a PDF file using a multi-part scripting process. As a result of that research and blog post, researchers at Adobe and Foxit Software are investigating ways to mitigate the risks from such attacks, according to CNET sister site ZDNet.

An Adobe spokeswoman did not have a comment on Conway's hack, but ZDNet posted Adobe's comment on Stevens':

"Didier Stevens' demo relies on functionality defined in the PDF specification, which is an ISO standard (ISO PDF 32000-1:2008)," the statement said. "Section 12.6.4.5 of the specification defines the /launch command. This is an example of powerful functionality relied on by some users that also carries potential risks when used incorrectly. The warning message provided in Adobe Reader and Adobe Acrobat includes strong wording advising users to only open and execute the file if it comes from a trusted source. Adobe takes the security of our products and technologies very seriously; we are always evaluating ways to allow end-users and administrators to better manage and configure features like this one to mitigate potential associated risks."

Foxit provided ZDNet this comment:

"Foxit takes every security concern seriously and we focus our engineering resources at determining the cause of the problem and coming up with a complete and safe solution. Upon hearing of a possible security concern, our development team went to work and a resolution was determined in less than 24 hours and an updated version of the Foxit Reader will be made public in the next 72 hours."

The problem results from the PDF reader software allowing executable files to be opened or launched from within the program, according to Conway. "Most users don't use that additional functionality," he said.

He suggested that PDF software firms could provide a "minimalistic" version of the PDF readers that do not allow other types of programs to be launched and allow users to decide which specific types of executables they want to be able to open within the program.

Originally posted at InSecurity Complex

As I mentioned in last week's write-up of Tony Hawk Pro Skater 2, not all the hot gaming action these days is on the iPad. Developers continue to crank out some mighty slick titles for the iPhone and iPod Touch, as evidenced by these five compelling newcomers:

1. Above Jumping games (like the terminally addicting PapiJump) are ideal when you've got a few minutes to kill--er, jump. Above (above) takes the platform-jumping genre to a new, um, level, as your tireless briefcase-wielding hopper ascends ever skyward. A techno soundtrack and lush, scrolling backgrounds help keep the action interesting. Above costs $1.99.

2. Bounce On 2: Drallo's Demise If you prefer rolling to jumping and platforms that keep you moving horizontally instead of vertically, Bounce On 2 ($3.99) is your game. I can't say I played (or even heard of) the original, but this charming, fun-for-all-ages platformer hooked me right from the start. You don't have to take my word for it: Try the free Bounce On 2 Lite before you spring for the full game.

3. The Sims 3 World Adventures You know what makes bored Sims (and Sims players) happy? Travel! EA's new World Adventures ($6.99) lets you take new or existing avatars (imported from the original Sims 3 for iPhone) globe-trotting to China, Egypt, and France. This is no mere expansion pack: In addition to the new locales, World Adventures offers new goals, new clothes, new furniture, and even new faces. And when you're ready to "head home," you can export your virtual peeps back to the original Sims 3.

4. Star Wars: Cantina The most famous bar not located in Boston gets its own game. But the only "Force power" you'll need in this cartoony title is the power to serve the right drinks to the right scum and villainy, and fast. So, yeah, it's Diner Dash, Star Wars-style. But thanks to John Williams' lively, always-engaging "Cantina Theme," well, the Force is strong in this one.

5. Vampire Origins When it comes to the undead, I prefer zombies to vampires (not that they're mutually exclusive or anything). That said, give me swords, guns, and a good story, and I'll gladly mow down any unholy creatures you send my way. Vampire Origins ($6.99) offers plenty of third-person hack-and-blast-and-slash action for the aspiring vampire hunter. Check out the gameplay video below.

Seen any other exciting games this week? You know what to do: Tell me all about 'em in the comments!

Originally posted at iPhone Atlas

Although there weren't any major browser updates, the past week saw a lot of browser related news hit the wire. From what users have been able to test in the Chrome 5 beta and Chrome 5 developer's builds, and what's been discovered on Google-related blogs, the shape of the next version of Chrome is coming into focus. Google's accelerated development of Chrome isn't surprising given the browser's skyrocketing market share, and the company plans on baking Flash right into the browser.

Other browsers featured in the week's news include a minor update to Firefox 3.6.3, a commitment from Mozilla to speed up development of hardware graphics acceleration, Firefox's last update to Firefox 3.x, and 10 emergency security patches for Internet Explorer.

Besides browsers, Microsoft dropped an Office bombshell. It announced that the Office suite will compete with both free productivity suites like OpenOffice as well as Google Docs. As they make the online version of Office free to users, feature-limited versions of the suite will ship on many new computers.