How to protect from increasingly dangerous PDF files

This post is also available in: Slovenian




As reported by media and tech bloggers there is potencially a very dangerous functionality of PDF format. Here we discribe how they address the problem Adobe an  Foxit  Software Solutions and of course security tips.

Sometimes software house in its good faith and to offer more functionality, unwittingly cause a security hole that can be used by not-so-nice people. Recently, the famous researcher in the field of IT security from Belgium Didier Stevens, who puts a big attention to particular PDF format (some have proclaimed him the hacker), pointed to the possibility of using functional integration of additional content in a pdf document.

In this case is showed how can be taking advantage of Adobe Reader and Foxit Reader

What’s the problem?

PDF documents can be attached with the script or exe program, which can be taken in anything but pleasant purposes. It can run the script, which then for example activate a virus.
The Adobe Reader shows the alert on the implementation of scripts and note to click only if we trust this script. Because most users, despite these warnings click on the Start button, there is a large potential risk. In Foxit Reader, until mid-April version the warning was not displayed and the script was silently started in latest versions it shows alerts as Adobe Reader.

Instead, line1, line2, line3 (may be given a more interesting text )

Test in Sumatra PDF is again demonstrated how great this PDF reader, in addition to speed, reliable and security. Part of what all the cases we are 99.99% of readers: to open a PDF document and that’s it, nothing else.
Tips for safely opening a PDF file format

  • PDF files should be opened as the preferred Web browser,
  • to open the disk, it is recommended to use lesser-known PDF readers.

My winner is, of course, Sumatra PDF.

Safety Tips for Adobe Reader
Because Adobe Reader is still the most widely used PDF document reader with us, here are few safety tips.
On the Edit menu, select Settings and then to update the program, select the desired option where if we do not know which, then choose to automatically install updates.

We are still in the settings where the manager trust you again. It should tick the option of opening file attachments. The same would not recommend Internet access from PDF files outside the Web browser as the link may lead to infected web sites. Change the settings and choose Block all websites.

Most users think PDF format is highly secure document format, but in reality for some time now experts warn that this is not true anymore.
PS: This is potential danger only in the Windows environment
PPS: please application programmers to organize your applications that pdf file format can be opened by any reader, not just Adobe, which happens too often
via Didier Stevens blog Update-escape-from-pdf

Saša

Works as system engineer in Slovenian Enterprise in Microsoft environment focusing on security, deployments, SharePoint, SCCM and CheckPoint firewall. Author of successful blog about IT security, Microsoft tips & tricks, social media, internet trends.

Leave a Reply