There have been some recent exploits found in Adobe’s PDF file format.
These exploits or vulnerabilities can make it easy for malware to infect your computer in Adobe Reader. I have a video in this post to show you how to keep malware from infecting your computer through a PDF file. It’s a short video and securing your computer against this threat is well worth the 3 minutes.
What is Adobe PDF?
PDF stands for Portable Document Format.
Adobe designed this file format so that a page could be designed on one type of computer (say an Apple Mac) and shown looking the exact same way in another computer (your Windows computer). While the HTML format allows a web page to be viewed on different computers, it does not alway reproduce a page the same way. A different width screen will format a page different. Fonts for the text may be different. This drove the typesetting crowd nuts years ago.
So Adobe came out with PDF and Adobe Reader to view it with.
With a PDF file, everything can be controlled so it always looks the same. Even the font can be included in the file. This makes it possible for PDF files to be used even as legal documents. They can be locked so changes cannot be made to the file.
This has really moved electronic documents forward to the point we are at today where you can email a contract form to someone for them to fill out. Note I said to someone. No placing a contract out on someone. Although you could probably use a PDF for that too.
The trouble comes in the flexibility of the PDF file format.
PDF files can be used as web pages. Most browsers will open a PDF file just like a web page. You can include video, audio, images, and other files inside a PDF file. These other files can start other programs on your computer or even be a programs themselves. Unfortunately, it could be malware.
While there is a check that asks if you want to run the file impeded in a PDF file, a hacker could change it enough to make it sound innocent.
Here is where that social engineered malware comes in again. You click ok and a virus is installed. But wait! You don’t need to click on anything for trouble to start.
Part of the interface asks you if you want the Adobe Reader to always open a file of the same type without asking again. If you have ever checked that, an infected PDF can just run the malware and install it when you open the PDF file. You don’t even get a chance to say no.
So you need to do the Adobe Reader PDF fix in the video.
First make sure you have at least Adobe Reader 9.3 on your computer. You can check for updates in the help menu. You can also just go to the Adobe.com website and download the current version and it will normally overwrite the old one.
To fix the Reader PDF exploit you will need to do the following:
- Go to the edit menu
- Click on preferences
- In the left side column choose Trust Manger
- Make sure the box at the top under PDF File Attachments is not checked. That is the line that says “Allow opening of non-PDF file attachments with external applications.”
- Click OK down at the bottom
Again you want the box cleared. You do not want to allow those files to run.
This does not completely fix the problem but it will prevent malware from automatically infecting your computer. Adobe is working on a way to block malware while still allowing the flexibility that the PDF format can deliver.
Don’t forget to sign up for my free Online IT Guide newsletter so you don’t miss hint and tips like this that can help keep your computer free from malware. Tell your friends too, so they don’t inadvertently send you an email with a virus.