April 24, 2013

Adobe PDFs and Security


Adobe’s suite of software offerings is one of the most popular programs in the world — which is precisely why it is also one of the most targeted and exploited platforms as well.

pdf safety

PDFs, in particular, are hugely popular and are used across operating systems, and it’s that cross-platform functionality that appeals so much to attackers, who in recent years have created malware that automatically recognizes which operating system a user has, then downloads the appropriate version of its malicious code.

Attackers have created malware that automatically recognizes which operating system a user has and downloads the appropriate version of malicious code through PDFs.

But just because PDFs are widely targeted doesn’t mean you have to live in extreme danger. Here are a few safety tips for working with PDFs, as well as other Adobe systems.

  1. Install software updates. This basic step is the essential base level of PDF security. Adobe updates — like all software updates — include the latest security patches for known exploits. Without these latest versions your system sits wide open to threats. Make sure your system is set up to automatically download these latest updates.
  2. Safe modes. Adobe is, of course, well aware of the vulnerabilities of its platform and offers two safe modes in which Reader can be operated to limit the impact of attacks even when the program is exploited. The first is Protected View, a read-only mode that blocks the file executions until the user verifies them to be legitimate. Users can enable Protected View by going to ‘Edit,’ then ‘Preferences’ and selecting ‘Security (Enhanced).’ The second is Protected Mode, a sandbox environment designed to contain the execution of any suspicious script but that has, unsurprisingly, already been exploited — and subsequently patched — since its release in late 2012, as detailed by Kaspersky Threatpost writer Michael Mimoso. The almost immediate violation of this supposedly secure operation mode for Reader is all the evidence you need that no matter how safe such operating modes are supposed to be, they can’t be trusted entirely.
  3. Alternative readers. Adobe Reader is what most people use to read PDFs, but it’s not the only PDF reader out there. Foxit Reader, Sumatra PDF and Nitro PDF Reader are three popular and well-reviewed alternatives, and Firefox rolled out a native PDF reader earlier this year. Of course, all PDF readers are susceptible to exploits — and while there’s not a lot of information about the security of Firefox’s reader, initial reviews seem positive — but the very fact that these programs are used far less than Adobe Reader means that they maintain a much lower profile with attackers.
  4. Use an antivirus system. The exploitability of PDFs is one of the many reasons users should always have a robust protection like Kaspersky PURE 3.0 or Kasperksy Internet Security 2013. These programs should be maintained and updated regularly — just as you should maintain and update Adobe and all other software programs — with their latest versions that include the latest security measures.